Security Issues, Vulnerabilities, Exploits & Government Alerts
Aug 13, 2025Ravie LakshmananVulnerability / Software Security Zoom and Xerox have addressed critical security flaws in Zoom Clients for Windows and FreeFlow Core that could allow privilege escalation and remote code execution. The vulnerability impacting…
WASHINGTON – Today, the Cybersecurity and Infrastructure Security Agency (CISA), in partnership with the National Security Agency (NSA), Federal Bureau of Investigation (FBI), Environmental Protection Agency (EPA), Australian Signals Directorate’s Australian Cyber Security Centre (ASD’s…
Aug 13, 2025Ravie LakshmananVulnerability / Network Security Fortinet is alerting customers of a critical security flaw in FortiSIEM for which it said there exists an exploit in the wild. The vulnerability, tracked as CVE-2025-25256, carries…
Aug 13, 2025The Hacker NewsArtificial Intelligence / Threat Hunting Security operations have never been a 9-to-5 job. For SOC analysts, the day often starts and ends deep in a queue of alerts, chasing down what…
Aug 13, 2025The Hacker NewsArtificial Intelligence / Identity Security The AI revolution isn’t coming. It’s already here. From copilots that write our emails to autonomous agents that can take action without us lifting a finger,…
Microsoft on Tuesday rolled out fixes for a massive set of 111 security flaws across its software portfolio, including one flaw that has been disclosed as publicly known at the time of the release. Of…
Aug 13, 2025Ravie LakshmananEndpoint Security / Cybercrime Cybersecurity researchers have discovered a new campaign that employs a previously undocumented ransomware family called Charon to target the Middle East’s public sector and aviation industry. The threat…
Aug 12, 2025Ravie LakshmananMalware / Container Security New research has uncovered Docker images on Docker Hub that contain the infamous XZ Utils backdoor, more than a year after the discovery of the incident. More troubling…
Aug 12, 2025Ravie LakshmananThreat Intelligence / Enterprise Security Cybersecurity researchers are warning of a “significant spike” in brute-force traffic aimed at Fortinet SSL VPN devices. The coordinated activity, per threat intelligence firm GreyNoise, was observed…
Aug 12, 2025Ravie LakshmananCybercrime / Financial Security An ongoing data extortion campaign targeting Salesforce customers may soon turn its attention to financial services and technology service providers, as ShinyHunters and Scattered Spider appear to be…