European Vulnerability Database goes live, but who benefits?
The European Union Agency for Cybersecurity (ENISA) has unveiled the European Vulnerability Database (EUVD), an initiative under the NIS2 Directive aimed at enhancing digital security…
Month: May 2025
Windows Remote Desktop Vulnerability Let Attackers Execute Malicious Code Over Network
Microsoft’s May 2025 Patch Tuesday has addressed several critical vulnerabilities in Windows Remote Desktop services that could allow attackers to execute malicious code remotely. Security…
Australian Human Rights Commission leaks attachments from webforms
The Australian Human Rights Commission accidentally leaked around 670 documents submitted via webforms, where they were indexed by search engines. The commission said in a…
Ivanti ITSM Vulnerability Let Remote Attacker Gain Administrative Access
Ivanti has released security updates to address a critical authentication bypass vulnerability in its Neurons for ITSM (IT Service Management) solution that could allow unauthenticated…
FortiVoice 0-day Vulnerability Exploited in the Wild to Execute Arbitrary Code
Fortinet has disclosed a critical stack-based buffer overflow vulnerability (CVE-2025-32756) affecting multiple products in its security portfolio, with confirmed exploitation targeting FortiVoice systems in the…
Ivanti Cloud Services Application Vulnerability Leads to Privilege Escalation
Ivanti has disclosed a high-severity security vulnerability affecting its Cloud Services Application (CSA) that could allow attackers to escalate privileges on vulnerable systems. The security…
DeepSeek’s AI in hospitals is ‘too fast, too soon’, Chinese medical researchers warn
A team of researchers in China has questioned hospitals’ rapid adoption of DeepSeek, warning that it creates clinical safety and privacy risks, raising red flags…
72 Vulnerabilities Fixed, Including 5 Actively Exploited Zero-Days
Microsoft has released its Patch Tuesday updates for May 2025, addressing a total of 78 vulnerabilities across its product ecosystem, with five identified as actively…
UKRI must do more to drive innovation agenda and avoid fraud
The UKRI, the largest single public funder of research and innovation in the UK, needs funding assurance. The UK research and innovation: Providing support through…
Telstra eyes AI multi-agent systems for its processes
Telstra is laying the foundations to use multi-agent systems in its processes, with an AI joint venture with Accenture and modernisation work on its data…
Microsoft’s Patch Tuesday closes 72 vulnerabilities, including 5 zero-days
Microsoft addressed 72 vulnerabilities affecting its core products and underlying systems, including five actively exploited zero-days across various Windows components, the company said in its…
Increase Red Team Operations 10X with Adversarial Exposure Validation
Red teaming is a powerful way to uncover critical security gaps by simulating real-world adversary behaviors. However, in practice, traditional red team engagements are hard…