Resources
Critical Vulnerability in SmarterTools SmarterMail Poses Severe Cybersecurity Risk
The Cyber Security Agency of Singapore warns of a dangerous remote code execution vulnerability in SmarterTools SmarterMail, CVE-2025-52691, with a CVSS score of 10.0.
Renewed Exploitation of FortiOS Two-Factor Authentication Bypass
Fortinet has flagged a resurgence in the exploitation of CVE-2020-12812, a vulnerability in FortiOS that allows attackers to bypass two-factor authentication. This poses significant risks ...
Arrest Linked to KMSAuto Malware Campaign That Hit 2.8 Million Systems
Authorities arrest a Lithuanian individual suspected of deploying clipboard-stealer malware through KMSAuto, impacting 2.8 million computers. The tool, camouflaged as a utility for unauthorized Windows ...
Active Exploitation of FortiOS SSL VPN Vulnerability CVE-2020-12812
Fortinet has identified ongoing exploitation of the five-year-old FortiOS SSL VPN flaw CVE-2020-12812, revealing it poses significant risks in specific configurations.
CISA Issues Urgent Advisory on Digiever NVRs Due to Known Exploited Vulnerability
CISA has highlighted CVE-2023-52163, a vulnerability in Digiever NVRs, for active exploitation, advising immediate update and security precautions.
Ukrainian Nefilim Ransomware Affiliate Pleads Guilty in U.S.
Artem Stryzhak, an alleged affiliate of the Nefilim ransomware group, has pleaded guilty to conspiracy to commit computer fraud in the United States. Extradited earlier ...
LongNosedGoblin: A New Threat from China Targets Southeast Asia and Japan
ESET reports the emergence of LongNosedGoblin, an uncharted threat targeting governmental bodies in Southeast Asia and Japan since September 2023. The group's focus is cyber ...
Atlassian Publishes Security Patches for Critical Vulnerabilities in Multiple Products
Atlassian has released security updates targeting multiple vulnerabilities, including critical-severity issues in products like Apache Tika. One major flaw is an XML External Entity (XXE) ...
FreePBX Critical Vulnerability Enables Potential Authentication Bypass
FreePBX, an open-source private branch exchange (PBX) platform, has multiple security vulnerabilities. A critical flaw (CVE-2025-61675) allows authentication bypass under certain configurations.
Apple Patches Critical Vulnerabilities Across Multiple Platforms
Apple releases crucial security patches for iOS, iPadOS, macOS, watchOS, and more, targeting two actively exploited vulnerabilities. Among these is CVE-2025-43529, a significant use-after-free flaw ...
Weekly Newsletter
Weekly Cybersecurity Newsletter: 14th to 18th August
Explore our latest cybersecurity podcast episodes featuring ransomware attacks, phishing campaigns, corporate breaches, legal showdowns, and deep dives into evolving threats and digital defenses.
This Week In Cybersecurity: 23rd June to 27th June
News Stories New ‘FileFix’ Attack Exploits Windows File Explorer to Deliver Stealthy Commands Threat actors use the search-ms URI protocol ...
This Week In Cybersecurity: 26th to 30th May, 2025
"Cybersecurity threats escalate as ransomware attacks target major organizations, exposing sensitive data and highlighting vulnerabilities in systems across various industries. Stay informed."
This Week In Cybersecurity: 19th to 23rd May, 2025
This week, significant cybersecurity incidents include ransomware attacks, data breaches affecting major organizations, and ongoing threats from state-sponsored groups, highlighting vulnerabilities across various sectors.
This Week In Cybersecurity: 21st – 25th April, 2025
Targeted malware, ransomware, phishing, and ad fraud hit SK Telecom, Baltimore schools, Google, and more this week—exposing critical data and abusing trusted systems.
Trending
Daily Briefing Newsletter
Subscribe to the Daily Security Review Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.