Security Intelligence

Critical FortiSIEM vulnerability patched as public exploit circulates

Public exploit for critical CVE-2025-25256 flaw in FortiSIEM is circulating. Patch now or restrict TCP port 7900 to...

Security Intelligence

Fortinet SSL VPNs targeted in renewed brute-force campaign

A surge in brute-force attacks on Fortinet SSL VPNs mirrors a recent spike in attacks against SonicWall firewalls and...

Security Intelligence

WinRAR zero-day exploited in targeted espionage campaigns

WinRAR flaw CVE-2025-8088 exploited in targeting phishing campaign. Update to v7.13 now, audit systems, and boost...

Security Intelligence

Microsoft Exchange flaw could enable cloud takeover in hybrid environments

New Microsoft Exchange flaw (CVE-2025-53786) could let attackers hijack cloud in hybrid setups. Learn how to mitigate...

Security Intelligence

Trend Micro releases mitigation tool for unpatched, exploited Apex One flaw

Critical flaw in Trend Micro Apex One lets attackers execute remote code. Patch coming mid-August; use mitigation tool...

Security Intelligence

Google patches critical Android vulnerabilities in August 2025 security bulletin

Google's August 2025 Android patch fixes critical flaws in System, Qualcomm, and Arm, including RCE bugs already...

Security Intelligence

Update: Akira ransomware group targets SonicWall VPN appliances

Our security team shares new observations related to the attacks on SonicWall VPN appliances, a summary of threat...

Security Intelligence

Akira ransomware targeting SonicWall VPN appliances

Akira ransomware group targeting SonicWall VPN Appliances on the rise.

Security Intelligence

Storm-2603 activity linked to earlier ransomware campaigns

Storm-2603, linked to the ToolShell campaign, used LockBit Black and Warlock ransomware in LATAM and APAC. Researchers...

Security Intelligence

Scattered Spider returns targeting cloud and virtualization infrastructure

Scattered Spider resumes attacks on cloud and virtualization platforms using social engineering, ransomware, and new...

Security Intelligence

Apple patches Safari vulnerability linked to Chrome zero-day exploit

Apple patches CVE-2025-6558 in iOS, macOS & more. Users should update now to stay protected from this and other July 29...

Security Intelligence

CISA adds actively exploited PaperCut NG/MF vulnerability to KEV catalog

Critical vulnerability in print management software, PaperCut NG/MF, actively exploited in the wild and added to CISA's...