Security Issues, Vulnerabilities, Exploits & Government Alerts
May 01, 2025Ravie LakshmananVulnerability / VPN Security SonicWall has revealed that two now-patched security flaws impacting its SMA100 Secure Mobile Access (SMA) appliances have been exploited in the wild. The vulnerabilities in question are listed…
Apr 30, 2025Ravie LakshmananArtificial Intelligence / Email Security As the field of artificial intelligence (AI) continues to evolve at a rapid pace, new research has found how techniques that render the Model Context Protocol (MCP)…
![[Free Webinar] Guide to Securing Your Entire Identity Lifecycle Against AI-Powered Threats](https://i3.wp.com/blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjqbZf4bsDp6ei3fmQ8swm7GB5XoRrhZSFE7ZNhRLFO49KlmdgpIDCZWMSv7rydpEShIrNb9crnH5p6mFZbURzO5HC9I4RlzJazBBw5aHOTmI38sqiZIWPldRqut4bTgegipjOk5VgktVOwCKF_ncLeBX-pMTO_GMVMfbzZbf8eAj21V04y_NiOaSApGkM/s728-rw-e365/webinar-play.jpg?w=930&resize=930,620&ssl=1 "[Free Webinar] Guide to Securing Your Entire Identity Lifecycle Against AI-Powered Threats")
Apr 30, 2025The Hacker News How Many Gaps Are Hiding in Your Identity System? It’s not just about logins anymore. Today’s attackers don’t need to “hack” in—they can trick their way in. Deepfakes, impersonation scams,…
Apr 30, 2025Ravie LakshmananMalware / DNS Security A China-aligned advanced persistent threat (APT) group called TheWizards has been linked to a lateral movement tool called Spellbinder that can facilitate adversary-in-the-middle (AitM) attacks. “Spellbinder enables adversary-in-the-middle…
Everyone has cybersecurity stories involving family members. Here’s a relatively common one. The conversation usually goes something like this: “The strangest thing happened to my streaming account. I got locked out of my account, so…
Apr 30, 2025Ravie LakshmananThreat Intelligence / Malware Cybersecurity researchers have shed light on a Russian-speaking cyber espionage group called Nebulous Mantis that has deployed a remote access trojan called RomCom RAT since mid-2022. RomCom “employs…
Cybersecurity researchers have revealed that RansomHub‘s online infrastructure has “inexplicably” gone offline as of April 1, 2025, prompting concerns among affiliates of the ransomware-as-a-service (RaaS) operation. Singaporean cybersecurity company Group-IB said that this may have…
Apr 30, 2025Ravie LakshmananSecure Coding / Vulnerability Meta on Tuesday announced LlamaFirewall, an open-source framework designed to secure artificial intelligence (AI) systems against emerging cyber risks such as prompt injection, jailbreaks, and insecure code, among…
Apr 30, 2025Ravie LakshmananPrivacy / Data Protection A high court in the Indian state of Karnataka has ordered the blocking of end-to-end encrypted email provider Proton Mail across the country. The High Court of Karnataka,…
Apr 29, 2025Ravie LakshmananArtificial Intelligence / Data Protection Popular messaging app WhatsApp on Tuesday unveiled a new technology called Private Processing to enable artificial intelligence (AI) capabilities in a privacy-preserving manner. “Private Processing will allow…