Year: 2025

CVE Alert: CVE-2024-42181

January 13, 2025

Vulnerability Summary: CVE-2024-42181 HCL MyXalytics is affected by a cleartext transmission of sensitive information vulnerability. The application transmits sensitive or...

CVE Alert: CVE-2024-42180

January 13, 2025

Vulnerability Summary: CVE-2024-42180 HCL MyXalytics is affected by a malicious file upload vulnerability. The application accepts invalid file uploads, including...

CVE Alert: CVE-2025-0399

January 13, 2025

Vulnerability Summary: CVE-2025-0399 A vulnerability was found in StarSea99 starsea-mall 1.0. It has been declared as critical. This vulnerability affects...

CVE Alert: CVE-2025-0400

January 13, 2025

Vulnerability Summary: CVE-2025-0400 A vulnerability was found in StarSea99 starsea-mall 1.0. It has been rated as problematic. This issue affects...

CVE Alert: CVE-2024-42179

January 13, 2025

Vulnerability Summary: CVE-2024-42179 HCL MyXalytics is affected by sensitive information disclosure vulnerability. The HTTP response header exposes the Microsoft-HTTP API∕2.0...

Building a Cyber-Aware Culture: The Importance of Security Awareness Training

January 13, 2025

In today’s digital landscape, where cyber threats are evolving rapidly, security awareness training has become a vital component of any...

SuperDraft – 300,187 breached accounts

January 13, 2025

HIBP In October 2024, the fantasy sports platform SuperDraft suffered a data breach that exposed over 300k customer records. The...

Scholastic – 4,247,768 breached accounts

January 13, 2025

HIBP In January 2025, a data breach of the publishing company Scholastic surfaced. The breach contained 4.2M unique email addresses...

CISA: CISA Adds One Known Exploited Vulnerability to Catalog

January 13, 2025

CISA Adds One Known Exploited Vulnerability to Catalog CISA has added one new vulnerability to its Known Exploited Vulnerabilities Catalog, based...

CISA: ASD’s ACSC, CISA, and US and International Partners Release Guidance on Choosing Secure and Verifiable Technologies

January 13, 2025

ASD’s ACSC, CISA, and US and International Partners Release Guidance on Choosing Secure and Verifiable Technologies Today, CISA—in partnership with...

CISA: Microsoft Releases December 2024 Security Updates

January 13, 2025

Microsoft Releases December 2024 Security Updates Microsoft released security updates to address vulnerabilities in multiple Microsoft products. A cyber threat...

CISA: Ivanti Releases Security Updates for Multiple Products

January 13, 2025

Ivanti Releases Security Updates for Multiple Products Ivanti released security updates to address vulnerabilities in Ivanti Cloud Service Application, Ivanti...

CISA: Cisco Releases Security Updates for NX-OS Software

January 13, 2025

Cisco Releases Security Updates for NX-OS Software Cisco released security updates to address a vulnerability in Cisco NX-OS software. A...

CISA: CISA Releases Seven Industrial Control Systems Advisories

January 13, 2025

CISA Releases Seven Industrial Control Systems Advisories CISA released seven Industrial Control Systems (ICS) advisories on December 10, 2024. These...

CISA: CISA and EPA Release Joint Fact Sheet Detailing Risks Internet-Exposed HMIs Pose to WWS Sector

January 13, 2025

CISA and EPA Release Joint Fact Sheet Detailing Risks Internet-Exposed HMIs Pose to WWS Sector Today, CISA and the Environmental...

CISA: Adobe Releases Security Updates for Multiple Products

January 13, 2025

Adobe Releases Security Updates for Multiple Products Adobe released security updates to address vulnerabilities in multiple Adobe software products including...

CISA: Apple Releases Security Updates for Multiple Products

January 13, 2025

Apple Releases Security Updates for Multiple Products Apple released security updates to address vulnerabilities in multiple Apple products. A cyber...

CISA: CISA Releases Ten Industrial Control Systems Advisories

January 13, 2025

CISA Releases Ten Industrial Control Systems Advisories CISA released ten Industrial Control Systems (ICS) advisories on December 12, 2024. These...

CISA: CISA Requests Public Comment for Draft National Cyber Incident Response Plan Update

January 13, 2025

CISA Requests Public Comment for Draft National Cyber Incident Response Plan Update Today, CISA—through the Joint Cyber Defense Collaborative and...

CISA: CISA Adds Two Known Exploited Vulnerabilities to Catalog

January 13, 2025

CISA Adds Two Known Exploited Vulnerabilities to Catalog CISA has added two new vulnerabilities to its Known Exploited Vulnerabilities Catalog, based...

CISA: CISA and ONCD Release Playbook for Strengthening Cybersecurity in Federal Grant Programs for Critical Infrastructure

January 13, 2025

CISA and ONCD Release Playbook for Strengthening Cybersecurity in Federal Grant Programs for Critical Infrastructure Today, CISA and the Office...

Year: 2025

CVE Alert: CVE-2024-42181

CVE Alert: CVE-2024-42180

CVE Alert: CVE-2025-0399

CVE Alert: CVE-2025-0400

CVE Alert: CVE-2024-42179

Building a Cyber-Aware Culture: The Importance of Security Awareness Training

SuperDraft – 300,187 breached accounts

Scholastic – 4,247,768 breached accounts

CISA: CISA Adds One Known Exploited Vulnerability to Catalog

CISA: ASD’s ACSC, CISA, and US and International Partners Release Guidance on Choosing Secure and Verifiable Technologies

CISA: Microsoft Releases December 2024 Security Updates

CISA: Ivanti Releases Security Updates for Multiple Products

CISA: Cisco Releases Security Updates for NX-OS Software

CISA: CISA Releases Seven Industrial Control Systems Advisories

CISA: CISA and EPA Release Joint Fact Sheet Detailing Risks Internet-Exposed HMIs Pose to WWS Sector

CISA: Adobe Releases Security Updates for Multiple Products

CISA: Apple Releases Security Updates for Multiple Products

CISA: CISA Releases Ten Industrial Control Systems Advisories

CISA: CISA Requests Public Comment for Draft National Cyber Incident Response Plan Update

CISA: CISA Adds Two Known Exploited Vulnerabilities to Catalog

CISA: CISA and ONCD Release Playbook for Strengthening Cybersecurity in Federal Grant Programs for Critical Infrastructure

CISA: CISA Adds One Known Exploited Vulnerability to Catalog

CISA: CISA Adds One Known Exploited Vulnerability to Catalog

CISA: CISA Releases Five Industrial Control Systems Advisories

[QILIN] – Ransomware Victim: CAHOKIA CUSD 187 SCHOOL DISTRICT

[BABUK2] – Ransomware Victim: Babuk Locker 2[.]0 affiliate program 2025

[AKIRA] – Ransomware Victim: Best Telecom Laos

[AKIRA] – Ransomware Victim: CNQC

[BABUK2] – Ransomware Victim: India’s telecommunication network

You may have missed