AI Is Already in Your Org—Are You Securing It All?
It’s been impossible to avoid the buzz around generative AI, especially since ChatGPT took the world by storm. And while tools like DeepSeek, Mistral, and…
Author: Cybernoz
Southwest Airlines CISO on tackling cyber risks in the aviation industry
In this Help Net Security interview, Carrie Mills, VP and CISO, Southwest Airlines talks about the cybersecurity challenges facing the aviation industry. She explains how…
Fortinet Patches CVE-2025-32756 Zero-Day RCE Flaw Exploited in FortiVoice Systems
May 14, 2025Ravie LakshmananVulnerability / Network Security Fortinet has patched a critical security flaw that it said has been exploited as a zero-day in attacks…
Cerbos: Open-source, scalable authorization solution
Cerbos is an open-source solution designed to simplify and modernize access control for cloud-native, microservice-based applications. Instead of hardcoding authorization logic into your application, Cerbos…
European Vulnerability Database goes live, but who benefits?
The European Union Agency for Cybersecurity (ENISA) has unveiled the European Vulnerability Database (EUVD), an initiative under the NIS2 Directive aimed at enhancing digital security…
Windows Remote Desktop Vulnerability Let Attackers Execute Malicious Code Over Network
Microsoft’s May 2025 Patch Tuesday has addressed several critical vulnerabilities in Windows Remote Desktop services that could allow attackers to execute malicious code remotely. Security…
Australian Human Rights Commission leaks attachments from webforms
The Australian Human Rights Commission accidentally leaked around 670 documents submitted via webforms, where they were indexed by search engines. The commission said in a…
Ivanti ITSM Vulnerability Let Remote Attacker Gain Administrative Access
Ivanti has released security updates to address a critical authentication bypass vulnerability in its Neurons for ITSM (IT Service Management) solution that could allow unauthenticated…
FortiVoice 0-day Vulnerability Exploited in the Wild to Execute Arbitrary Code
Fortinet has disclosed a critical stack-based buffer overflow vulnerability (CVE-2025-32756) affecting multiple products in its security portfolio, with confirmed exploitation targeting FortiVoice systems in the…
Ivanti Cloud Services Application Vulnerability Leads to Privilege Escalation
Ivanti has disclosed a high-severity security vulnerability affecting its Cloud Services Application (CSA) that could allow attackers to escalate privileges on vulnerable systems. The security…
DeepSeek’s AI in hospitals is ‘too fast, too soon’, Chinese medical researchers warn
A team of researchers in China has questioned hospitals’ rapid adoption of DeepSeek, warning that it creates clinical safety and privacy risks, raising red flags…
72 Vulnerabilities Fixed, Including 5 Actively Exploited Zero-Days
Microsoft has released its Patch Tuesday updates for May 2025, addressing a total of 78 vulnerabilities across its product ecosystem, with five identified as actively…