Fortinet FortiGate Under Active Attack Through SAML SSO Authentication Bypass
Dec 16, 2025Ravie LakshmananNetwork Security / Vulnerability Threat actors have begun to exploit two newly disclosed security flaws in Fortinet...
newly
New Splunk Windows Flaw Enables Privilege Escalation Attacks
Image generated by Google’s Nano Banana A newly disclosed high-severity flaw in Splunk for Windows allows local users to escalate...
CrowdStrike Identifies New China-Nexus Espionage Actor
Image: Adobe Stock A newly identified China-nexus cyber adversary, tracked by CrowdStrike as WARP PANDA, has emerged as one of...
Attackers deliver ShadowPad via newly patched WSUS RCE bug
Attackers deliver ShadowPad via newly patched WSUS RCE bug Pierluigi Paganini November 24, 2025 Attackers exploited a patched WSUS flaw...
WrtHug Exploits Six ASUS WRT Flaws to Hijack Tens of Thousands of EoL Routers Worldwide
Nov 19, 2025Ravie LakshmananVulnerability / Threat Intelligence A newly discovered campaign has compromised tens of thousands of outdated or end-of-life...
OWASP Top 10 for 2025: What’s New and Why It Matters
In this episode, we discuss the newly released OWASP Top 10 for 2025. Join hosts Tom Eston, Scott Wright,...
When Attacks Come Faster Than Patches: Why 2026 Will be the Year of Machine-Speed Security
The Race for Every New CVE Based on multiple 2025 industry reports: roughly 50 to 61 percent of newly disclosed...
ChatGPT Atlas Browser Can Be Tricked by Fake URLs into Executing Hidden Commands
The newly released OpenAI Atlas web browser has been found to be susceptible to a prompt injection attack where its...
Urgent: China-Linked Hackers Exploit New VMware Zero-Day Since October 2024
Sep 30, 2025Ravie LakshmananZero-Day / Vulnerability A newly patched security flaw impacting Broadcom VMware Tools and VMware Aria Operations has...
Microsoft Listens to Security Concerns and Delays New OneDrive Sync
Misuse of the newly announced Microsoft OneDrive synchronization feature puts corporate security and personal privacy at serious risk in ways...
Hackers Exploit Critical Craft CMS Flaws; Hundreds of Servers Likely Compromised
Threat actors have been observed exploiting two newly disclosed critical security flaws in Craft CMS in zero-day attacks to breach...
Warning: OttoKit WordPress Plugin Admin Creation Vulnerability Being Actively Exploited
There is a recent report of a significant security issue affecting OttoKit (previously known as SureTriggers) that is being exploited...
Google Affirms Android SafetyCore Empowers AI-Driven On-Device Content Categorization
Google has intervened to explain that a recently unveiled Android System SafetyCore application does not conduct any content analysis on...
Variant of Mirai Botnet Utilizes Vulnerability in Four-Faith Router to Execute DDoS Assaults
An altered version of the Mirai botnet has been detected leveraging a recently revealed weakness affecting industrial routers made by...
The Horns&Hooves Strategy Sends Trojans through Deceptive Emails and Script Loads
A recently detected malicious operation has been identified to aim at individual consumers, sellers, and service enterprises primarily situated in...
