Mailcow Mail Server Flaws Expose Servers to Remote Code Execution
Two security vulnerabilities have been disclosed in the Mailcow open-source mail server suite that could be exploited by malicious actors...
News
VMware Discloses Critical Vulnerabilities, Urges Immediate Remediation
VMware has disclosed critical vulnerabilities impacting its VMware vSphere and VMware Cloud Foundation products, urging customers to immediately install updates...
Report Reveals Record Exploitation Rate For Load Balancers
Threat actors are increasingly targeting edge devices known as load balancers, according to new data from Action1 which revealed a...
92% of Organizations Hit by Credential Compromise from Social Engineering Attacks
More than nine in 10 (92%) organizations experienced an average of six credential compromises caused by email-based social engineering attacks...
Quarter of Firms Suffer an API-Related Breach
Digital transformation projects appear to be accelerating faster than organizations’ efforts to secure them, with nearly a quarter (23%) admitting they...
Signal Foundation Warns Against EU’s Plan to Scan Private Messages for CSAM
A controversial proposal put forth by the European Union to scan users' private messages for detection child sexual abuse material...
Cybercriminals Exploit Free Software Lures to Deploy Hijack Loader and Vidar Stealer
Threat actors are luring unsuspecting users with free or pirated versions of commercial software to deliver a malware loader called...
VMware Issues Patches for Cloud Foundation, vCenter Server, and vSphere ESXi
VMware has released updates to address critical flaws impacting Cloud Foundation, vCenter Server, and vSphere ESXi that could be exploited...
New Malware Targets Exposed Docker APIs for Cryptocurrency Mining
Cybersecurity researchers have uncovered a new malware campaign that targets publicly exposed Docket API endpoints with the aim of delivering...
The Annual SaaS Security Report: 2025 CISO Plans and Priorities
Seventy percent of enterprises are prioritizing investment in SaaS security by establishing dedicated teams to secure SaaS applications, as part...
Singapore Police Extradites Malaysians Linked to Android Malware Fraud
The Singapore Police Force (SPF) has announced the extradition of two men from Malaysia for their alleged involvement in a...
London Ransomware Attack Led to 1500 Cancelled Appointments and Operations
Over 800 planned operations and 700 outpatient appointments had to be rearranged in the first week after a critical ransomware...
Academics Develop Testing Benchmark for LLMs in Cyber Threat Intelligence
Large language models (LLMs) are increasingly used for cyber defense applications, although concerns about their reliability and accuracy remain a...
Los Angeles Public Health Department Discloses Large Data Breach
Los Angeles County Department of Public Health (DPH) has disclosed a data breach impacting more than 200,000 individuals.The data stolen...
Meta Pauses European GenAI Development Over Privacy Concerns
Meta has delayed plans to train its large language models (LLMs) using public content shared on Facebook and Instagram following...
China Attempted Covert Military Drone Tie-Up With UK University – Report
A new report has revealed apparently secretive attempts by a Chinese state-owned enterprise to access cutting-edge AI research at a...
US-CERT Vulnerability Summary for the Week of June 10, 2024
The CISA Vulnerability Bulletin provides a summary of new vulnerabilities that have been recorded by the National Institute of Standards and...
ASUS Patches Critical Authentication Bypass Flaw in Multiple Router Models
ASUS has shipped software updates to address a critical security flaw impacting its routers that could be exploited by malicious...
China-Linked Hackers Infiltrate East Asian Firm for 3 Years Using F5 Devices
A suspected China-nexus cyber espionage actor has been attributed as behind a prolonged attack against an unnamed organization located in...
What is DevSecOps and Why is it Essential for Secure Software Delivery?
Traditional application security practices are not effective in the modern DevOps world. When security scans are run only at the...
NiceRAT Malware Targets South Korean Users via Cracked Software
Threat actors have been observed deploying a malware called NiceRAT to co-opt infected devices into a botnet. The attacks, which...
Hackers Exploit Legitimate Websites to Deliver BadSpace Windows Backdoor
Legitimate-but-compromised websites are being used as a conduit to deliver a Windows backdoor dubbed BadSpace under the guise of fake...
UK General Election: Tech Policy Expert Calls for Law Overhaul to Combat Deepfakes
Three weeks before the UK general election, Matthew Feeney, head of tech and innovation at the UK-based Centre for Policy...
Microsoft Admits Security Failings Allowed China to Access US Government Emails
Microsoft President Brad Smith had admitted security failings by the firm in enabling Chinese state hackers access the emails of...