Zyxel RCE Flaw Lets Attackers Run Commands Without Authentication
Security researcher Alessandro Sgreccia (aka “rainpwn”) has revealed a set of critical vulnerabilities in Zyxel’s USG FLEX-H firewall series that enable remote code execution (RCE)…
Month: April 2025
Securing Fintech Operations Through Smarter Controls and Automation
With the rise of fintechs, accuracy alone isn’t enough, security and reliability are just as necessary. For fintech companies and digital-first organizations, standard internal controls…
Skyhawk Security brings preemptive cloud app defense to RSAC 2025
Skyhawk Security is adding new protection for custom-built cloud applications. The company announced the update to its AI-powered Autonomous Purple Team for RSAC 2025 Conference,…
Critical Commvault Command Center Flaw Enables Attackers to Execute Code Remotely
Apr 24, 2025Ravie LakshmananData Breach / Vulnerability A critical security flaw has been disclosed in the Commvault Command Center that could allow arbitrary code execution…
South East Water modernises through Google Cloud
South East Water is putting Google Cloud technologies at the centre of its five-year modernisation project, enabling improved collaboration, data insights and access to artificial…
Hackers Use 1000+ IP Addresses to Target Ivanti VPN Vulnerabilities
A sweeping wave of suspicious online activity is putting organizations on alert as hackers ramp up their efforts to probe vulnerabilities in Ivanti Connect Secure…
Hackers Use Zoom Remote-Control to Steal Crypto
Hackers in the Elusive Comet campaign exploit Zoom’s remote-control feature to steal cryptocurrency, and over $100K lost in social engineering scam. A new cybercrime campaign…
Veracode platform enhancements improve software security
Veracode announced new capabilities to help organizations address emerging threats, giving security professionals better visibility and control in one place. The launch includes new AI-powered…
From Risk Scoring to Dynamic Policy Enforcement Without Network Redesign
The Evolving Healthcare Cybersecurity Landscape Healthcare organizations face unprecedented cybersecurity challenges in 2025. With operational technology (OT) environments increasingly targeted and the convergence of IT…
WhatsApp introduces Advanced Chat Privacy to protect sensitive communications
WhatsApp introduces Advanced Chat Privacy to protect sensitive communications Pierluigi Paganini April 24, 2025 WhatsApp adds Advanced Chat Privacy feature that allows users to block…
Critical Langflow Flaw Enables Malicious Code Injection – Technical Breakdown Released
A critical remote code execution (RCE) vulnerability, identified as CVE-2025-3248 with a CVSS score of 9.8, has been uncovered in Langflow, an open-source platform widely…
CISA Suspends Use of VirusTotal and Censys, Signaling Potential Setbacks for Cyber Defense Efforts
The Cybersecurity and Infrastructure Security Agency (CISA), a key agency responsible for protecting the United States’ critical infrastructure, has taken a significant step by instructing…