Security Issues, Vulnerabilities, Exploits & Government Alerts
Nov 13, 2025Ravie LakshmananVulnerability / Network Security The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Wednesday added a critical security flaw impacting WatchGuard Fireware to its Known Exploited Vulnerabilities (KEV) catalog, based on evidence…
Cybersecurity researchers are calling attention to a large-scale spam campaign that has flooded the npm registry with thousands of fake packages since early 2024 as part of a likely financially motivated effort. “The packages were…
Nov 12, 2025Ravie LakshmananCybercrime / Malware Google has filed a civil lawsuit in the U.S. District Court for the Southern District of New York (SDNY) against China-based hackers who are behind a massive Phishing-as-a-Service (PhaaS)…
Nov 12, 2025Ravie LakshmananNetwork Security / Zero-Day Amazon’s threat intelligence team on Wednesday disclosed that it observed an advanced threat actor exploiting two then-zero-day security flaws in Cisco Identity Service Engine (ISE) and Citrix NetScaler…
WASHINGTON – Today, the Cybersecurity and Infrastructure Security Agency (CISA) released the “Implementation Guidance for Emergency Directive on Cisco Adaptive Security Appliances (ASA) and Firepower Device Vulnerabilities.” This guidance builds on CISA’s Emergency Directive 25-03:…
![[Webinar] Learn How Leading Security Teams Reduce Attack Surface Exposure with DASR](https://i3.wp.com/blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjb7usGljMR3vSfxxk9XeKY39fUcIRMFDq6GOy0OEA_AK7P4ybAoHwl9Ga45OJ5pZPzpDhwqZ0D6PKEI-IFFifcl-NWBM5ymJ6wcNSyL3bneCMbRbVGz1ca3MIaKDHWbNvOVzK1LinCOt0RLYF1-zb_Zy11bGddkRxowymBu754CFJDpCDIreh4iiGF4loK/s790-rw-e365/cyberteams.jpg?w=930&resize=930,620&ssl=1 "[Webinar] Learn How Leading Security Teams Reduce Attack Surface Exposure with DASR")
Nov 12, 2025The Hacker NewsThreat Detection / Risk Management Every day, security teams face the same problem—too many risks, too many alerts, and not enough time. You fix one issue, and three more show up.…
Active Directory remains the authentication backbone for over 90% of Fortune 1000 companies. AD’s importance has grown as companies adopt hybrid and cloud infrastructure, but so has its complexity. Every application, user, and device traces…
Nov 12, 2025Ravie LakshmananVulnerability / Patch Tuesday Microsoft on Tuesday released patches for 63 new security vulnerabilities identified in its software, including one that has come under active exploitation in the wild. Of the 63…
Nov 12, 2025Ravie LakshmananArtificial Intelligence / Encryption Google on Tuesday unveiled a new privacy-enhancing technology called Private AI Compute to process artificial intelligence (AI) queries in a secure platform in the cloud. The company said…
Threat hunters have uncovered similarities between a banking malware called Coyote and a newly disclosed malicious program dubbed Maverick that has been propagated via WhatsApp. According to a report from CyberProof, both malware strains are…