Adobe patches critical SessionReaper flaw in Magento eCommerce platform
09
Sep
2025

Adobe patches critical SessionReaper flaw in Magento eCommerce platform

Adobe is warning of a critical vulnerability (CVE-2025-54236) in its Commerce and Magento Open Source platforms that researchers call SessionReaper…

Beware of Phishing Email from Kimusky Hackers With Subject Spetember Tax Return Due Date Notice
09
Sep
2025

Beware of Phishing Email from Kimusky Hackers With Subject Spetember Tax Return Due Date Notice

A new wave of phishing attacks purporting to originate from South Korea’s National Tax Service has emerged, leveraging familiar electronic…

Innovator Spotlight: Corelight
09
Sep
2025

Innovator Spotlight: Corelight – Cyber Defense Magazine

The Network’s Hidden Battlefield: Rethinking Cybersecurity Defense Modern cyber threats are no longer knocking at the perimeter – they’re already…

Ivanti Endpoint Manager Vulnerabilities Allow Remote Code Execution by Attackers
09
Sep
2025

Ivanti Endpoint Manager Vulnerabilities Allow Remote Code Execution by Attackers

 Ivanti released Security Advisory for Endpoint Manager versions 2024 SU3 and 2022 SU8, detailing two high‐severity flaws (CVE-2025-9712 and CVE-2025-9872)….

Plex tells users to change passwords due to data breach, pushes server owners to upgrade
09
Sep
2025

Plex tells users to change passwords due to data breach, pushes server owners to upgrade

Media streaming company Plex has suffered a data breach and is urging users to reset their account password and enable…

Mitsubishi Electric agrees to buy Nozomi Networks in deal valued at about $1B
09
Sep
2025

Mitsubishi Electric agrees to buy Nozomi Networks in deal valued at about $1B

Mitsubishi Electric Corp. on Tuesday said it agreed to buy industrial cybersecurity specialist Nozomi Networks.  The deal is valued at…

Hacker
09
Sep
2025

US charges admin of LockerGoga, MegaCortex, Nefilim ransomware

The U.S. Department of Justice has charged Ukrainian national Volodymyr Viktorovich Tymoshchuk for his role as the administrator of the…

FortiDDoS OS Command Injection Vulnerability Let Attackers Execute Unauthorized Commands
09
Sep
2025

FortiDDoS OS Command Injection Vulnerability Let Attackers Execute Unauthorized Commands

Fortinet has disclosed a medium-severity vulnerability in its FortiDDoS-F product line that could allow a privileged attacker to execute unauthorized…

FortiDDoS Vulnerability Lets Hackers Execute Unauthorized OS Commands
09
Sep
2025

FortiDDoS Vulnerability Lets Hackers Execute Unauthorized OS Commands

Fortinet has disclosed a significant OS command injection vulnerability in its FortiDDoS-F appliances that could allow privileged attackers to execute…

New Salty2FA Phishing Kit Bypasses MFA and Clones Login Pages
09
Sep
2025

New Salty2FA Phishing Kit Bypasses MFA and Clones Login Pages

A new, sophisticated phishing kit, Salty2FA, is using advanced tactics to bypass MFA and mimic trusted brands. Read expert analysis…

National cyber director: U.S. strategy needs to shift cyber risk from Americans to its adversaries
09
Sep
2025

National cyber director: U.S. strategy needs to shift cyber risk from Americans to its adversaries

The United States needs a “new, coordinated strategy” to counter its cyber adversaries and “shift the burden of risk in…

Salat Stealer Exfiltrates Browser Credentials Via Sophisticated C2 Infrastructure
09
Sep
2025

Salat Stealer Exfiltrates Browser Credentials Via Sophisticated C2 Infrastructure

Salat Stealer has emerged as a pervasive threat targeting Windows endpoints with a focus on harvesting browser-stored credentials and cryptocurrency…