Security Issues, Vulnerabilities, Exploits & Government Alerts
View CSAF 1. EXECUTIVE SUMMARY CVSS v4 5.3 ATTENTION: Low attack complexity Vendor: TrendMakers Equipment: Sight Bulb Pro Vulnerabilities: Use of a Broken or Risky Cryptographic Algorithm, Improper Neutralization of Special Elements used in a…
SaaS Adoption is Skyrocketing, Resilience Hasn’t Kept Pace SaaS platforms have revolutionized how businesses operate. They simplify collaboration, accelerate deployment, and reduce the overhead of managing infrastructure. But with their rise comes a subtle, dangerous…
Jun 26, 2025Ravie LakshmananCyber Espionage / Malware An Iranian state-sponsored hacking group associated with the Islamic Revolutionary Guard Corps (IRGC) has been linked to a spear-phishing campaign targeting journalists, high-profile cyber security experts, and computer…
Jun 26, 2025Ravie LakshmananThreat Intelligence / Ransomware Cybersecurity researchers are calling attention to a series of cyber attacks targeting financial organizations across Africa since at least July 2023 using a mix of open-source and publicly…
Jun 26, 2025Ravie LakshmananVulnerability / Firmware Security The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Wednesday added three security flaws, each impacting AMI MegaRAC, D-Link DIR-859 router, and Fortinet FortiOS, to its Known Exploited…
Jun 26, 2025Ravie LakshmananArtificial Intelligence / Data Protection Popular messaging platform WhatsApp has added a new artificial intelligence (AI)-powered feature that leverages its in-house solution Meta AI to summarize unread messages in chats. The feature,…
Jun 25, 2025Ravie LakshmananSaaS Security / Vulnerability New research has uncovered continued risk from a known security weakness in Microsoft’s Entra ID, potentially enabling malicious actors to achieve account takeovers in susceptible software-as-a-service (SaaS) applications.…
Jun 25, 2025Ravie LakshmananVulnerability / Network Security Citrix has released security updates to address a critical flaw affecting NetScaler ADC that it said has been exploited in the wild. The vulnerability, tracked as CVE-2025-6543, carries…
Jun 25, 2025Ravie LakshmananData Privacy / Vulnerability Cybersecurity researchers have detailed two now-patched security flaws in SAP Graphical User Interface (GUI) for Windows and Java that, if successfully exploited, could have enabled attackers to access…
Thousands of personal records allegedly linked to athletes and visitors of the Saudi Games have been published online by a pro-Iranian hacktivist group called Cyber Fattah. Cybersecurity company Resecurity said the breach was announced on…