Chrome Bug CVE-2025-11756 Puts Safe Browsing At Risk
Google has issued an urgent security update for its Chrome browser, addressing a high-severity vulnerability tracked as CVE-2025-11756. This flaw, which affects Chrome’s Safe Browsing…
Category: DarkReading
Siemens ProductCERT Warns Of Critical UMC Vulnerability
Siemens ProductCERT has recently issued a series of security advisories alerting users to several critical vulnerabilities found across various Siemens industrial and automation products. One…
AEM Forms RCE Flaw Exploited In The Wild
A new vulnerability in Adobe Experience Manager (AEM) Forms has been confirmed as actively exploited in the wild, prompting the U.S. Cybersecurity and Infrastructure Security…
European Authorities Shutter Cybercrime Service Fueling Online Scam
Seven suspects are now in custody after a cross-border crackdown dismantled a cybercrime service that powered more than 3,000 online scams across Europe, authorities said.…
Unencrypted Satellite IP Traffic Is A Widespread Problem
Satellite links contain a surprising amount of unencrypted traffic – and perhaps even more surprising is the fact that the researchers who discovered that unencrypted…
Vanilla Tempest Campaign Using Fraudulent Code-Signing Disrupted
Microsoft said it disrupted a high-volume campaign in October after discovering a coordinated effort by the ransomware group known as Vanilla Tempest to weaponize fraudulently…
Capita Ransomware Fine Marks UK’s Largest Breach Penalty
Capita has been handed a record ransomware fine of £14 million by the Information Commissioner’s Office (ICO) after a 2023 cyberattack exposed the personal data…
F5 Reveals Nation-State Breach; CISA Releases F5 Guidance
Security and application delivery vendor F5 revealed today in an SEC filing that a nation-state threat actor had “long-term, persistent access” to some of the…
Asahi Group Cyberattack Forces Delay In Financial Results
Japanese beverage and food giant Asahi Group Holdings has confirmed that a ransomware attack has disrupted its operations and may have led to a leak…
Patch Tuesday October 2025: Three Zero-days Under Attack
Microsoft’s Patch Tuesday October 2025 included fixes for 175 vulnerabilities, including three exploited zero-days and 13 additional high-risk vulnerabilities. The three zero-days under attack were…
Credential Attacks Detected On SonicWall SSLVPN Devices
A managed security services provider has detected credential attacks on SonicWall SSLVPN devices. The attacks, reported by Huntress, involve “widespread compromise” of SonicWall SSLVPN devices.…
Active Directory Attack Targeting The NTDS.dit File
Active Directory is a key target for hackers, so a recent report detailing Active Directory attack techniques contains useful lessons for security defenders. The attack,…