Innovator Spotlight: CSide – Cyber Defense Magazine
Securing the Browser’s Blind Spot By Victoria Hargrove, CDM Reporter What CSide Does Most security stacks fortify servers, databases, and internal apps. CSide (Client-side Development,…
Month: August 2025
U.S. CISA adds Citrix NetScaler flaw to its Known Exploited Vulnerabilities catalog
U.S. CISA adds Citrix NetScaler flaw to its Known Exploited Vulnerabilities catalog Pierluigi Paganini August 27, 2025 U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds Citrix…
US, allies warn China-linked actors still targeting critical infrastructure
Listen to the article 4 min This audio is auto-generated. Please let us know if you have feedback. Chinese government-backed hackers are targeting critical infrastructure…
Google previews cyber ‘disruption unit’ as U.S. government, industry weigh going heavier on offense
Google says it is starting a cyber “disruption unit,” a development that arrives in a potentially shifting U.S. landscape toward more offensive-oriented approaches in cyberspace.…
IT system supplier cyberattack impacts 200 municipalities in Sweden
A cyberattack on Miljödata, an IT systems supplier for roughly 80% of Sweden’s municipal systems, has caused accessibility problems in more than 200 regions of the…
PoC Exploit Released for CrushFTP 0-day Vulnerability (CVE-2025-54309)
A weaponized proof-of-concept exploit has been publicly released targeting CVE-2025-54309, a severe authentication bypass vulnerability affecting CrushFTP file transfer servers. The flaw enables remote attackers…
Cross-domain Solutions: The Present and Future of a Growing Industry
Cross-domain solutions (CDS) consist of the secure exchange of information between security domains. This type of solution, which emerged as a technological answer to the…
ShinyHunters and Scattered Spider Linked to Farmers Insurance Data Breach
Farmers Insurance reports a breach affecting 1.1 million customers. Learn how the attack, linked to groups ShinyHunters and Scattered Spider, is part of a wider…
How to Talk to AI
There’s a popular idea going around right now about renaming “prompt engineering” to “context engineering.” The argument is that context engineering better captures the true…
First known AI-powered ransomware uncovered by ESET Research
The discovery of PromptLock shows how malicious use of AI models could supercharge ransomware and other threats 26 Aug 2025 • , 2 min. read…
Global Salt Typhoon hacking campaigns linked to Chinese tech firms
The U.S. National Security Agency (NSA), the UK’s National Cyber Security Centre (NCSC), and partners from over a dozen countries have linked the Salt Typhoon…
IPFire Web-Based Firewall Interface Allows Authenticated Administrator to Inject Persistent JavaScript
A stored cross-site scripting (XSS) flaw identified in IPFire 2.29’s web-based firewall interface (firewall.cgi). Tracked as CVE-2025-50975, the vulnerability allows any authenticated administrator to inject…