Jan 15, 2025Ravie LakshmananVulnerability / Server Security Cybersecurity researchers have disclosed multiple security flaws in SimpleHelp remote access software that could lead to information disclosure,…
Microsoft kicked off 2025 with a new set of patches for a total of 161 security vulnerabilities across its software portfolio, including three zero-days that…
Jan 14, 2025Ravie LakshmananVulnerability / Data Privacy New research has pulled back the curtain on a “deficiency” in Google’s “Sign in with Google” authentication flow…
Jan 14, 2025Ravie LakshmananEndpoint Security / Vulnerability Microsoft has shed light on a now-patched security flaw impacting Apple macOS that, if successfully exploited, could have…
Russia-linked threat actors have been attributed to an ongoing cyber espionage campaign targeting Kazakhstan as part of the Kremlin’s efforts to gather economic and political…
What do identity risks, data security risks and third-party risks all have in common? They are all made much worse by SaaS sprawl. Every new…
Jan 14, 2025Ravie LakshmananVulnerability / Network Security Threat hunters are calling attention to a new campaign that has targeted Fortinet FortiGate firewall devices with management…
Jan 14, 2025Ravie LakshmananCryptocurrency / Online Scam The Telegram-based online marketplace known as HuiOne Guarantee and its vendors have cumulatively received at least $24 billion…
Jan 14, 2025Ravie LakshmananVulnerability / Cybersecurity The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Monday added a second security flaw impacting BeyondTrust Privileged Remote…
Jan 13, 2025Ravie LakshmananVulnerability / Cloud Security A recently disclosed critical security flaw impacting the Aviatrix Controller cloud networking platform has come under active exploitation…
Jan 13, 2025Ravie LakshmananMalware / Domain Security No less than 4,000 unique web backdoors previously deployed by various threat actors have been hijacked by taking…
Cybersecurity researchers are warning of a new stealthy credit card skimmer campaign that targets WordPress e-commerce checkout pages by inserting malicious JavaScript code into a…
