Apr 25, 2025Ravie LakshmananVulnerability / Enterprise Security Threat actors are likely exploiting a new vulnerability in SAP NetWeaver to upload JSP web shells with the…
A sophisticated new phishing toolkit named “SessionShark” has been specifically designed to circumvent Microsoft Office 365’s multi-factor authentication (MFA) protections. SessionShark is being marketed on…
A sophisticated cyberattack campaign has surfaced, targeting poorly managed Microsoft SQL (MS-SQL) servers to deploy malicious tools like Ammyy Admin and PetitPotato malware. Cybersecurity researchers…
The Federal Bureau of Investigation announced today an unprecedented $10 million reward for actionable intelligence leading to the identification and capture of key operatives behind…
An alarming data leak involving Microsoft Defender XDR has exposed more than 1,700 sensitive documents from hundreds of organizations, following a chain reaction triggered by…
Researchers have uncovered three serious vulnerabilities in Rack, a server interface used by most Ruby web app frameworks (Ruby on Rails, Sinatra, Hanami, Roda, and…
Apr 25, 2025Ravie LakshmananVulnerability / Network Security Cybersecurity researchers are warning about a new malware called DslogdRAT that’s installed following the exploitation of a now-patched…
The FBI has asked the public for information on Chinese Salt Typhoon hackers behind widespread breaches of telecommunications providers in the United States and worldwide.…
A serious vulnerability related to information exposure (CVE-2025-22234) impacts several versions of the spring-security-crypto package. The flaw enables attackers to determine valid usernames through timing…
Why Application Security is Non-Negotiable The resilience of your digital infrastructure directly impacts your ability to scale. And yet, application security remains a critical weak…
As cloud app adoption continues to rise, and the modern workplace continues to evolve, LastPass will introduce a new approach to democratize access management. Built…
Apr 25, 2025Ravie LakshmananVulnerability / Data Breach Cybersecurity researchers have disclosed three security flaws in the Rack Ruby web server interface that, if successfully exploited,…
