Resources
CISA Flags Critical Fortinet FortiWeb Path Traversal Flaw as Actively Exploited
CISA has confirmed active exploitation of CVE-2024-40446, a critical path traversal flaw in Fortinet FortiWeb 8.0.0 that allows unauthenticated attackers to read arbitrary system files. ...
RondoDox Botnet Exploits Critical Eval Injection Flaw in XWiki
RondoDox botnet operators are exploiting CVE-2025-24893, a critical 9.8-rated eval injection flaw in XWiki that enables unauthenticated remote code execution. Attackers are hijacking unpatched XWiki ...
How TTP-Based Defenses Outperform Traditional IoC Hunting
Behavior-based detection is replacing traditional IoC-driven security as organizations focus on identifying attacker tactics and behaviors instead of static indicators. By analyzing TTPs like credential ...
ASUS Patches Critical Authentication Bypass Vulnerability in DSL Series Routers
ASUS released urgent firmware updates to fix a critical authentication bypass flaw in multiple DSL routers, warning users to patch immediately and disable internet-exposed services.
Microsoft Patch Tuesday Fixes 60+ Bugs, Including Actively Exploited Windows Kernel Zero-Day
Microsoft’s November 2025 Patch Tuesday fixes over 60 vulnerabilities, including an actively exploited Windows Kernel zero-day (CVE-2025-30080) enabling privilege escalation. The flaw—used in real-world attacks—poses ...
Triofox CVE-2025-12480 Exploited in Attacks Despite Available Patch
Google’s Mandiant confirmed active exploitation of CVE-2025-12480, a critical authentication bypass flaw in Gladinet’s Triofox platform. The vulnerability allows unauthorized admin access and remote code ...
Critical runC Vulnerabilities Undermine Container Isolation in Docker and Kubernetes
Security researchers disclosed three severe runC vulnerabilities (CVE-2024-21626, -23651, -23652) enabling container escapes in Docker and Kubernetes. The flaws allow host-level command injection and privilege ...
LANDFALL Spyware Exploited Samsung Galaxy Zero-Day in Targeted Middle East Attacks
A zero-day flaw in Samsung Galaxy devices (CVE-2025-21042) was exploited to deploy LANDFALL spyware across the Middle East, enabling full device compromise and covert data ...
Cisco Warns of New Attack Variant Exploiting Secure Firewall ASA and FTD Vulnerabilities
Cisco has warned of a new attack variant targeting its Secure Firewall ASA and FTD devices, exploiting CVE-2025-20333 and CVE-2025-20362 in tandem for remote code ...
CISA Warns of Ongoing Exploitation of Critical CentOS Web Panel Flaw
CISA has warned of active exploitation of a critical flaw (CVE-2022-44877) in CentOS Web Panel, allowing unauthenticated remote code execution. Administrators are urged to patch ...
Weekly Newsletter
Weekly Cybersecurity Newsletter: 14th to 18th August
Explore our latest cybersecurity podcast episodes featuring ransomware attacks, phishing campaigns, corporate breaches, legal showdowns, and deep dives into evolving threats and digital defenses.
This Week In Cybersecurity: 23rd June to 27th June
News Stories New ‘FileFix’ Attack Exploits Windows File Explorer to Deliver Stealthy Commands Threat actors use the search-ms URI protocol ...
This Week In Cybersecurity: 26th to 30th May, 2025
"Cybersecurity threats escalate as ransomware attacks target major organizations, exposing sensitive data and highlighting vulnerabilities in systems across various industries. Stay informed."
This Week In Cybersecurity: 19th to 23rd May, 2025
This week, significant cybersecurity incidents include ransomware attacks, data breaches affecting major organizations, and ongoing threats from state-sponsored groups, highlighting vulnerabilities across various sectors.
This Week In Cybersecurity: 21st – 25th April, 2025
Targeted malware, ransomware, phishing, and ad fraud hit SK Telecom, Baltimore schools, Google, and more this week—exposing critical data and abusing trusted systems.
Trending
Daily Briefing Newsletter
Subscribe to the Daily Security Review Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.