Reputation is currency – even in the ransomware economy
Being seen as reliable is good for ‘business’ and ransomware groups care about ‘brand reputation’ just as much as their victims 11 Dec 2025 • …
Month: December 2025
New Windows RasMan zero-day flaw gets free, unofficial patches
Free unofficial patches are available for a new Windows zero-day vulnerability that allows attackers to crash the Remote Access Connection Manager (RasMan) service. RasMan is…
MITRE Releases Top 25 Most Dangerous Software Weaknesses of 2025
MITRE has unveiled its 2025 Common Weakness Enumeration (CWE) Top 25 Most Dangerous Software Weaknesses list, highlighting the root causes behind 39,080 Common Vulnerability and…
How private is your VPN?
When you’re shopping around for a Virtual Private Network (VPN) you’ll find yourself in a sea of promises like “military-grade encryption!” and “total anonymity!” You…
Policy, Isolation, and Data Controls That Actually Work
The browser has become the main interface to GenAI for most enterprises: from web-based LLMs and copilots, to GenAI‑powered extensions and agentic browsers like ChatGPT…
Digital Ethics Summit 2025: Open sourcing and assuring AI
Open sourcing artificial intelligence (AI) can help combat concentrations of capital and power that currently define its development, while nascent assurance practices need regulation to…
New BlackForce Phishing Kit Lets Attackers Steal Credentials Using MitB Attacks and Bypass MFA
A sophisticated phishing tool called BlackForce has emerged as a serious threat to organizations worldwide. First observed in August 2025, this professional-grade kit allows criminals…
U.S. CISA adds an OSGeo GeoServer flaw to its Known Exploited Vulnerabilities catalog
U.S. CISA adds an OSGeo GeoServer flaw to its Known Exploited Vulnerabilities catalog Pierluigi Paganini December 12, 2025 U.S. Cybersecurity and Infrastructure Security Agency (CISA)…
CISA orders feds to patch actively exploited Geoserver flaw
CISA has ordered U.S. federal agencies to patch a critical GeoServer vulnerability now actively exploited in XML External Entity (XXE) injection attacks. In such attacks,…
Beware of Fake Leonardo DiCaprio Movie Torrent File Drops Agent Tesla Malware
A new threat is targeting movie lovers who search for the latest films online. Cybercriminals are now using the popularity of Leonardo DiCaprio’s new film,…
Firewalla Orange brings zero trust anywhere
Firewalla announced Firewalla Orange, a portable multi-gigabit cybersecurity firewall and Wi-Fi 7 router designed to reset expectations for how networks should be protected. Firewalla Orange…
React2Shell Exploitation Escalates into Large-Scale Global Attacks, Forcing Emergency Mitigation
Dec 12, 2025Ravie LakshmananVulnerability / Threat Intelligence The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has urged federal agencies to patch the recent React2Shell vulnerability…