Microsoft Fixes 78 Flaws, 5 Zero-Days Exploited; CVSS 10 Bug Impacts Azure DevOps Server
Microsoft on Tuesday shipped fixes to address a total of 78 security flaws across its software lineup, including a set of five zero-days that have…
Author: Cybernoz
Fortinet fixed actively exploited FortiVoice zero-day
Fortinet fixed actively exploited FortiVoice zero-day Pierluigi Paganini May 14, 2025 Fortinet fixed a critical remote code execution zero-day vulnerability actively exploited in attacks targeting…
a first step to a more centralized approach
We’re pleased to share a significant new change to our platform for companies. Our goal is to empower our customers with clear, actionable insights into…
What’s new in Burp Suite Professional: A year of innovation | Blog
Eleanor Clarke | 14 May 2025 at 08:26 UTC Over the past year, we’ve been hard at work making Burp Suite Professional faster, smarter, and…
Microsoft Warns of AD CS Vulnerability Let Attacker Deny Service Over a Network
Microsoft has issued a security advisory regarding a new vulnerability in Active Directory Certificate Services (AD CS) that could allow attackers to perform denial-of-service attacks…
Windows Ancillary for WinSock 0-Day Vulnerability Actively Exploited to Gain Admin Access.
Microsoft has confirmed active exploitation of a critical privilege escalation vulnerability in the Windows Ancillary Function Driver for WinSock, tracked as CVE-2025-32709. This use-after-free flaw…
Resilience helps businesses understand their cyber risk in financial terms
Resilience launched Cyber Risk Calculator to provide organizations with a financial snapshot of their cyber risk. The AI-powered tool provides security and risk practitioners and C-Suite…
82,000+ WordPress Sites Exposed to Remote Code Execution Attacks
Critical vulnerabilities were identified in TheGem, a premium WordPress theme with more than 82,000 installations worldwide. Researchers identified two separate but interconnected vulnerabilities in TheGem…
New Microsoft Scripting Engine Vulnerability Exposes Systems to Remote Code Attacks
Critical zero-day vulnerability in Microsoft’s Scripting Engine (CVE-2025-30397) has been confirmed to enable remote code execution (RCE) attacks over networks, raising urgent concerns for enterprises…
Ransomware spreads faster, not smarter
The fall of two of the most dominant ransomware syndicates, LockBit and AlphV, triggered a power vacuum across the cybercriminal landscape, acccording to a Black…
Google to enhance security with Advanced Protection with Android 16
Google, the global leader in the tech world, is gearing up to roll out a major security update for users upgrading to Android 16 or…
Insider risk management needs a human strategy
Insider risk is not just about bad actors. Most of the time, it’s about mistakes. Someone sends a sensitive file to the wrong address, or…