Resources
Australia Issues Urgent Warning as Cisco IOS XE Exploit Sees Ongoing Attacks
Australian authorities have issued an urgent warning over active exploitation of CVE-2023-20198, a critical Cisco IOS XE flaw used to deploy the persistent “BadCandy” webshell. ...
CISA Adds XWiki and Broadcom VMware Flaws to Known Exploited Vulnerabilities Catalog
CISA has added critical XWiki and VMware vulnerabilities to its Known Exploited list, confirming active attacks and urging immediate patching under federal security mandates.
CISA Alerts to Actively Exploited Vulnerabilities in DELMIA Apriso by Dassault Systèmes
CISA warns that two vulnerabilities in DELMIA Apriso (CVE-2025-6204 and CVE-2025-6205) are under active exploitation, urging immediate patching across manufacturing operations.
SailPoint Identity Risk Review: Intelligent Identity Threat Detection
SailPoint Identity Risk delivers advanced visibility into identity-based threats across human and machine accounts. It unifies access intelligence, behavioral analytics, and risk-based policy automation for ...
WhatsApp Hack Uncovers 2 Low-Risk Vulnerabilities, No Arbitrary Code Execution
Meta has patched two low-risk WhatsApp flaws—CVE-2025-55177 and CVE-2025-30401—affecting desktop and mobile sync features. Both required user interaction and posed no remote code execution risk, ...
TP-Link Patches Critical Omada Gateway Vulnerabilities Preventing Remote Attacks
TP-Link has patched four critical flaws—two enabling unauthenticated remote code execution—affecting Omada gateway devices. The vulnerabilities (CVE-2025-6542, -6541, -7850, -7851) impact multiple ER, G, and ...
Critical WSUS Flaw (CVE-2025-61884) Drives Elevated RCE Attacks on Windows Server
A critical RCE flaw, CVE-2025-59287, in Microsoft WSUS allows unauthenticated attackers to gain SYSTEM access via unsafe deserialization. Despite patches, active exploitation continues, prompting urgent ...
Hackers Exploit “SessionReaper” Flaw in Adobe Magento to Hijack E-Commerce Stores
SessionReaper (CVE-2025-54236) is being actively exploited in Adobe Commerce and Magento stores, enabling account takeover and web-shell deployment as more than 60% of installations remain ...
Post-Patch ‘ToolShell’ Exploit: CVE-2025-53770 Abused in Microsoft SharePoint
Chinese state-backed hackers are exploiting a critical Microsoft SharePoint flaw, CVE-2025-53770 “ToolShell,” enabling unauthenticated remote code execution and data theft. Despite emergency patches, exploitation persists, ...
CISA Warns of Lanscope Endpoint Manager Vulnerability Exploited in Attacks
CISA warns that a critical Lanscope Endpoint Manager flaw (CVE-2025-61932) is being exploited in the wild, prompting urgent patching and endpoint management lockdowns globally.
Weekly Newsletter
Weekly Cybersecurity Newsletter: 14th to 18th August
Explore our latest cybersecurity podcast episodes featuring ransomware attacks, phishing campaigns, corporate breaches, legal showdowns, and deep dives into evolving threats and digital defenses.
This Week In Cybersecurity: 23rd June to 27th June
News Stories New ‘FileFix’ Attack Exploits Windows File Explorer to Deliver Stealthy Commands Threat actors use the search-ms URI protocol ...
This Week In Cybersecurity: 26th to 30th May, 2025
"Cybersecurity threats escalate as ransomware attacks target major organizations, exposing sensitive data and highlighting vulnerabilities in systems across various industries. Stay informed."
This Week In Cybersecurity: 19th to 23rd May, 2025
This week, significant cybersecurity incidents include ransomware attacks, data breaches affecting major organizations, and ongoing threats from state-sponsored groups, highlighting vulnerabilities across various sectors.
This Week In Cybersecurity: 21st – 25th April, 2025
Targeted malware, ransomware, phishing, and ad fraud hit SK Telecom, Baltimore schools, Google, and more this week—exposing critical data and abusing trusted systems.
Trending
Daily Briefing Newsletter
Subscribe to the Daily Security Review Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.