Guides, playbooks, and learning resources to level up your cybersecurity knowledge and keep your organization secure.
Other noteworthy stories that might have slipped under the radar: Symantec vulnerability, anti-ClickFix mechanism added to macOS, FBI hack classified as major incident.
The vulnerabilities can be chained together to bypass authentication and upload arbitrary files to the server.
Once CrowdStrike’s nemesis, Microsoft is now a collaborator. A shared interest in Formula 1 helped thaw the years-long fierce rivalry.
Microsoft is investigating and working to resolve Exchange Online mailbox access issues that have intermittently affected Outlook mobile and macOS users for weeks.
UNC1069 compromised Axios 1.14.1 and 0.30.4 via social engineering, impacting 100M weekly downloads and exposing supply chains.
Shadow AI embedded in everyday apps, combined with outdated mobile devices and zero-click exploits, is creating a new and largely unseen mobile risk.
The next major breach hitting your clients probably won't come from inside their walls. It'll come through a vendor they trust, a SaaS tool their finance team signed up for, or a subcontractor nobody in IT knows about. That's the new attack surface, and most organizations are underprepared for it...
Using automated scanning and the Nexus Listener collection framework, the hackers compromised over 750 systems.
The cybersecurity incident involved an insider and had a limited impact, the telecoms giant told SecurityWeek.
The attackers prepared infrastructure and multiple nonce-based transactions, took over an admin key, and drained five vaults.
A Nigerian man who posed as a woman online to swindle men out of their savings has been sentenced to 15 years in a US prison.
SparkCat resurfaces in three app store apps, scanning crypto wallet images via OCR, increasing global risk.
