Fortinet FortiGate Under Active Attack Through SAML SSO Authentication Bypass
Dec 16, 2025Ravie LakshmananNetwork Security / Vulnerability Threat actors have begun to exploit two newly disclosed security flaws in Fortinet...
exploit
ServiceNow AI Agents Can Be Tricked Into Acting Against Each Other via Second-Order Prompts
Nov 19, 2025Ravie LakshmananAI Security / SaaS Security Malicious actors can exploit default configurations in ServiceNow's Now Assist generative artificial...
Millions of sites at risk from Imunify360 critical flaw exploit
Millions of sites at risk from Imunify360 critical flaw exploit Pierluigi Paganini November 14, 2025 A vulnerability affecting Imunify360 lets...
Alleged Russia-linked Curly COMrades exploit Windows Hyper-V to evade EDRs
Alleged Russia-linked Curly COMrades exploit Windows Hyper-V to evade EDRs Pierluigi Paganini November 06, 2025 Curly COMrades threat actors exploit...
Crooks exploit RMM software to hijack trucking firms and steal cargo
Crooks exploit RMM software to hijack trucking firms and steal cargo Pierluigi Paganini November 04, 2025 Hackers target trucking firms...
Brush exploit can cause any Chromium browser to collapse in 15-60 seconds
Brush exploit can cause any Chromium browser to collapse in 15-60 seconds Pierluigi Paganini October 30, 2025 “Brash” flaw in...
Russian hackers, likely linked to Sandworm, exploit legitimate tools against Ukrainian targets
Russian hackers, likely linked to Sandworm, exploit legitimate tools against Ukrainian targets Pierluigi Paganini October 29, 2025 Russian actors, likely...
China-linked hackers exploit patched ToolShell flaw to breach Middle East telecom
China-linked hackers exploit patched ToolShell flaw to breach Middle East telecom Pierluigi Paganini October 24, 2025 China-based threat actors exploited...
China-Linked Salt Typhoon breaches European Telecom via Citrix exploit
China-Linked Salt Typhoon breaches European Telecom via Citrix exploit Pierluigi Paganini October 21, 2025 China-linked Salt Typhoon hacked a European...
Introducing Sophos Identity Threat Detection and Response (ITDR)
Adversaries exploit compromised identities, infrastructure weaknesses, and misconfigurations to gain unauthorized access to sensitive data and systems, putting user-based access...
Attackers exploit valid logins in SonicWall SSL VPN compromise
Attackers exploit valid logins in SonicWall SSL VPN compromise Pierluigi Paganini October 11, 2025 Huntress warns of widespread SonicWall SSL...
Zimbra users targeted in zero-day exploit using iCalendar attachments
Zimbra users targeted in zero-day exploit using iCalendar attachments Pierluigi Paganini October 06, 2025 Threat actors exploited a Zimbra zero-day...
Report Details Security Weakness in Comet AI Browser from Perplexity
A new LayerX report shows how a single malicious URL can exploit Perplexity’s Comet AI browser via prompt injection, potentially...
Hackers exploit Fortra GoAnywhere flaw before public alert
Hackers exploit Fortra GoAnywhere flaw before public alert Pierluigi Paganini September 26, 2025 watchTowr Labs says hackers exploited the Fortra...
Nation-State hackers exploit Libraesva Email Gateway flaw
Nation-State hackers exploit Libraesva Email Gateway flaw Pierluigi Paganini September 24, 2025 State-sponsored hackers exploited a vulnerability, tracked as CVE-2025-59689,...
