LATEST

Threat actors are taking advantage of security holes in XWiki and Dassault Systèmes DELMIA Apriso. Alerts have been released by VulnCheck and the U.S. Cybersecurity and Infrastructure Securit

For more than 90% of Fortune 1000 companies, Active Directory continues to be the foundation for authentication. AD is the source of authentication and authorization for all applications, use

A new actively exploited vulnerability in Gladinet's CentreStack and Triofox products. The use of hard-coded cryptographic keys could allow threat actors to decrypt or forge access tickets. A

Defensive strategies had to be fundamentally rethought due to supply chain compromises, AI-powered attacks, and evolving injection techniques. A coordinated JavaScript injection campaign that

It has been noted that a network of YouTube accounts promotes videos that result in the download of malware. To date, the network has released over 3,000 malicious videos; since the beginning

The current state of cyber defense is starkly depicted in Bitdefender's 2025 Cybersecurity Assessment Report. Even when they felt that disclosure was required, 58% of security professionals w

A maximum-severity security vulnerability in Redis's in-memory database software has been made public. RediShell, also known as CVE-2025-49844, is a vulnerability with a CVSS score of

For C2 communications, Zloader

In June, Trend Micro and the KnownSec 404 Team published campaigns that distributed Winos

It is estimated that a campaign abusing the recently revealed security flaws compromised up to 2,000 Palo Alto Networks devices. The vulnerabilities in question are a combination of privilege