Microsoft urges admins to plug severe Exchange security hole (CVE-2025-53786)
07
Aug
2025

Microsoft urges admins to plug severe Exchange security hole (CVE-2025-53786)

“In an Exchange hybrid deployment, an attacker who first gains administrative access to an on-premises Exchange server could potentially escalate…

SonicWall Confirms Patched Vulnerability Behind Recent VPN Attacks, Not a Zero-Day
07
Aug
2025

SonicWall Confirms Patched Vulnerability Behind Recent VPN Attacks, Not a Zero-Day

Aug 07, 2025Ravie LakshmananNetwork Security / Vulnerability SonicWall has revealed that the recent spike in activity targeting its Gen 7…

Trump slaps 100% tariffs on chips to get tech onshore
07
Aug
2025

Trump slaps 100% tariffs on chips to get tech onshore

US president Donald Trump has announced 100% tariffs on semiconductors imported into the US, unless firms make substantial commitments to…

CISA, Microsoft warn of critical Exchange hybrid flaw CVE-2025-53786
07
Aug
2025

CISA, Microsoft warn of critical Exchange hybrid flaw CVE-2025-53786

CISA, Microsoft warn of critical Exchange hybrid flaw CVE-2025-53786 Pierluigi Paganini August 07, 2025 CISA and Microsoft warn of CVE-2025-53786,…

[tl;dr sec] #291 - Build a GuardDuty Triage Agent, Scaling Netflix's Threat Detection Pipelines, Claude for Security Review
07
Aug
2025

[tl;dr sec] #291 – Build a GuardDuty Triage Agent, Scaling Netflix’s Threat Detection Pipelines, Claude for Security Review

Hacker Summer Camp Once more, hackers have descended onto Vegas for our annual Hacker Summer Camp pilgrimage. I hope you…

CISA Warns of 'ToolShell' Exploits Chain Attacks SharePoint Servers
07
Aug
2025

CISA Warns of ‘ToolShell’ Exploits Chain Attacks SharePoint Servers

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) released an urgent analysis in early July 2025, detailing a sophisticated exploit…

Weaponized npm Packages Target WhatsApp Developers with Remote Kill Switch
07
Aug
2025

Weaponized npm Packages Target WhatsApp Developers with Remote Kill Switch

Socket’s Threat Research Team has uncovered a sophisticated supply chain attack targeting developers integrating with the WhatsApp Business API. Two…

New Promptware Attack Hijacks User's Gemini AI Via Google Calendar Invite
07
Aug
2025

New Promptware Attack Hijacks User’s Gemini AI Via Google Calendar Invite

Cybersecurity researchers at SafeBreach Labs have uncovered a new kind of cyberattack that starts with something as ordinary as a…

6,500 Axis Servers Expose Remoting Protocol, 4,000 in U.S. Vulnerable to Exploits
07
Aug
2025

6,500 Axis Servers Expose Remoting Protocol, 4,000 in U.S. Vulnerable to Exploits

Aug 07, 2025Ravie LakshmananVulnerability / Threat Intelligence Cybersecurity researchers have disclosed multiple security flaws in video surveillance products from Axis…

07
Aug
2025

Trump slaps 100% tariffs on chips to get tech onshore

US president Donald Trump has announced 100% tariffs on semiconductors imported into the US, unless firms make substantial commitments to…

New Ghost Calls Attack Abuses Web Conferencing for Covert Command & Control
07
Aug
2025

New Ghost Calls Attack Abuses Web Conferencing for Covert Command & Control

A sophisticated new attack technique called “Ghost Calls” exploits web conferencing platforms to establish covert command and control (C2) channels. …

CISA Warns of ‘ToolShell’ Exploitation Chain Targeting SharePoint Servers; IOCs and Detections Released
07
Aug
2025

CISA Warns of ‘ToolShell’ Exploitation Chain Targeting SharePoint Servers; IOCs and Detections Released

The Cybersecurity and Infrastructure Security Agency (CISA) has issued a critical alert regarding an exploitation chain dubbed “ToolShell” targeting on-premises…