Security Intelligence

Citrix fixes another critical flaw, already exploited

Citrix fixes critical NetScaler flaw (CVE-2025-6543) under active attack; patch now to prevent remote DoS on...

Security Intelligence

Citrix addresses NetScaler vulnerabilities

Citrix patches critical NetScaler flaws, including CVE-2025-5777—akin to CitrixBleed—that could expose memory and...

Security Intelligence

Cybersecurity threats amid Middle East escalation

U.S.-Iran tensions raise cyber risks. Field Effect assesses threat level, risk to clients, and how MDR helps reduce...

Security Intelligence

Two public exploits for Linux, one observed in the wild

Exploits for three Linux vulnerabilities give attackers root access. One is active in the wild—patch now and audit...

Security Intelligence

Veeam addresses flaws in backup servers

Veeam patches critical flaws in backup software. Exploits risk data theft, privilege abuse. Update now and harden...

Security Intelligence

Malicious package disguised as a helper module for Chimera Sandbox

A malicious npm package mimicking Chimera Sandbox exposes risks in open-source supply chains—stealing cloud creds,...

Security Intelligence

Mitel MiCollab critical advisory; POC for flaws in Mitel SIP phones

Researchers published a POC exploit for critical Mitel SIP flaw; a second MiCollab flaw allows remote, unauthenticated...

Security Intelligence

Weekly threat roundup: M365 Copilot, ConnectWise, SAP, & more

Our weekly roundup of cyber threats. This week, we cover critical vulnerabilities in Microsoft, ConnectWise, SAP...

Security Intelligence

Weekly threat roundup: TA397, also known as Bitter

Our weekly roundup of cyber intel related to threat actors. This week, we look at recent activity from TA397 aka Bitter.

Security Intelligence

Critical vulnerability in Microsoft 365 Copilot

New attack method, EchoLeak, exploits a zero-click AI flaw in M365 Copilot. No action needed, but the threat reveals a...

Security Intelligence

ConnectWise to rotate certificates, ICS patches include max-severity flaw

ConnectWise rotating its signing certificate to address config handling issues in older ScreenConnect versions, ICS...

Security Intelligence

Patch Tuesday updates from Microsoft and SAP

Patch Tuesday updates from Microsoft and SAP fix critical and high-severity flaws, including one exploited and one...