API Security Platform of the Year 2025 — API Security
2025 has been one of Wallarm’s biggest years yet. In the last few months alone, we unveiled our industry-first API Revenue Protection capability, launched our…
Month: October 2025
Microsoft Defender Incorrectly Flags SQL Server Software as End-of-life
Microsoft Defender for Endpoint is incorrectly flagging specific versions of SQL Server as having reached their end-of-life, causing potential confusion for system administrators. The issue,…
175 Malicious npm Packages Targeting Tech and Energy Firms, 26,000 Downloads
Socket’s Threat Research Team has uncovered a sprawling phishing campaign—dubbed “Beamglea”—leveraging 175 malicious npm packages that have amassed over 26,000 downloads. These packages serve solely…
What Sets Top-Tier Platforms Apart?
The SOC of 2026 will no longer be a human-only battlefield. As organizations scale and threats evolve in sophistication and velocity, a new generation of…
Critical GitHub Copilot Vulnerability Let Attackers Exfiltrate Source Code From Private Repos
A critical vulnerability in GitHub Copilot Chat, rated 9.6 on the CVSS scale, could have allowed attackers to exfiltrate source code and secrets from private…
GitHub Copilot Flaw Allows Attackers to Steal Source Code from Private Repositories
A critical weakness in GitHub Copilot Chat discovered in June 2025 exposed private source code and secrets to attackers. Rated CVSS 9.6, the vulnerability combined…
Juniper Networks Patches Critical Junos Space Vulnerabilities
Juniper Networks has announced patches for nearly 220 vulnerabilities in Junos OS, Junos Space, and Security Director, including nine critical-severity flaws affecting Junos Space. More…
Gladinet CentreStack And Triofox 0-Day RCE Vulnerability Actively Exploited In Attacks
An active in-the-wild exploitation of a zero-day vulnerability in Gladinet CentreStack and Triofox products. Tracked as CVE-2025-11371, the unauthenticated Local File Inclusion (LFI) flaw allows…
LLM-Powered MalTerminal Malware Uses OpenAI GPT-4 to Create Ransomware Code
LLM-enabled malware poses new challenges for detection and threat hunting as malicious logic can be generated at runtime rather than embedded in code. Our research…
Active Exploitation Detected in Gladinet and TrioFox Vulnerability
Oct 10, 2025Ravie LakshmananVulnerability / Zero-Day Cybersecurity company Huntress said it has observed active in-the-wild exploitation of an unpatched security flaw impacting Gladinet CentreStack and…
ZDI Drops 13 Unpatched Ivanti Endpoint Manager Vulnerabilities
Trend Micro’s Zero Day Initiative (ZDI) this week published 13 advisories describing unpatched vulnerabilities in Ivanti Endpoint Manager. One of the flaws allows local attackers…
SnakeKeylogger via Weaponized E-mails Leverage PowerShell to Exfiltrate Sensitive Data
Emerging from a recent wave of targeted campaigns, SnakeKeylogger has surfaced as a potent infostealer that capitalizes on PowerShell and social engineering. The malware’s operators…