CISA Adds Citrix Vulnerabilities To KEV As New Flaws Emerge
The U.S. Cybersecurity and Information Security Agency (CISA) has added two Citrix vulnerabilities to its Known Exploited Vulnerabilities (KEV) catalog just as new Citrix vulnerabilities…
Category: DarkReading
Cyber Insurers Might Not Pay If Vulnerabilities Unpatched
A cyber insurance provider is taking issue with competitors that won’t pay claims resulting from unpatched vulnerabilities. In a recent LinkedIn post, cyber insurer Coalition…
CBI Dismantles Cybercrime Network Targeting U.S. Nationals
India’s Central Bureau of Investigation (CBI) has dismantled a transnational cybercrime ring accused of defrauding US nationals of more than $40 million, in a joint…
Agid Confirms Italy Hotel Hack: 100K ID Scans Stolen
The Italian Agency for Digitalization (Agid) has confirmed a large-scale cyberattack targeting hotel servers across Italy. Tens of thousands of high-resolution scans of identification documents,…
Buffalo Cop Indicted Over Genesis Market Purchases
A Buffalo Police detective has been hit with a superseding federal indictment for allegedly attempting to purchase stolen credentials from an illicit online marketplace known…
China-linked Silk Typhoon Hackers Target SaaS Providers
The China-linked advanced persistent threat (APT) group Silk Typhoon has shown a rare ability to compromise trusted relationships in the cloud. That’s one of the…
CISA Warns Of ICS Vulnerabilities In Siemens, Tigo, EG4
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) have released four new Industrial Control Systems (ICS) advisories. These advisories expose multiple vulnerabilities in widely used…
CISO Podcast Series Episode 2 Out Now
The Cyber Express, in collaboration with Suraksha Catalyst, is thrilled to announce the launch of Episode 2 of the Black Hat USA 2025 CISO Podcast…
Critical CVE-2025-9074 Docker Desktop Vulnerability Fix
A severe security vulnerability identified as CVE-2025-9074 has been discovered in Docker Desktop, exposing users to critical risks where malicious containers can gain unauthorized access…
Apple Patches Zero-Day In IOS 18.6.2 After Targeted Exploits
Apple on Wednesday released iPadOS/iOS 18.6.2, as a security update addressing a zero-day vulnerability— tracked as CVE-2025-43300. The company said, the bug has already been…
Russia’s FSB-Linked Hackers Targeting Cisco Network Gear
How often do you hear people talking about issues of legacy systems—especially in critical infrastructure environments? Here’s another example of how deeply rooted this issue…
DOM‑based Extension Clickjacking Threatens User Data
A newly discovered technique, dubbed DOM-based extension clickjacking, has raised serious concerns about the security of browser-based password managers. Despite their role in protecting sensitive…