Security Intelligence

SonicWall discloses unauthorized access to MySonicWall cloud backup configuration files

SonicWall disclosed on Sept 17, 2025, a breach exposing firewall backup files in MySonicWall accounts; customers with...

Security Intelligence

Self-propagating malware targets GitHub and NPM ecosystems

Supply chain attack hits GitHub & NPM: 187 packages compromised using TruffleHog & Shai-Hulud malware. Learn risks &...

Security Intelligence

Phishing campaign targets Rust developers

A phishing campaign impersonating the Rust Foundation targeted crate developers via spoofed GitHub logins. Learn risks,...

Security Intelligence

CISA warns of exploited flaw in DELMIA Apriso manufacturing software

CISA warns of active exploitation of CVE-2025-5086 in DELMIA Apriso. Critical RCE flaw threatens manufacturing and OT...

Security Intelligence

Akira ransomware campaign against SonicWall: 2 new attack vectors seen

Akira ransomware now exploits two new SonicWall attack vectors: SSLVPN Default Users Group and Virtual Office Portal...

Security Intelligence

September 2025 Patch Tuesday updates for Microsoft

Microsoft’s September 2025 Patch Tuesday fixes 86 flaws, including SMB and Newtonsoft.Json zero days. Learn what’s...

Security Intelligence

Developer Identity Used as Entry Point for npm Supply Chain Attack

npm supply chain attack shows rising phishing risks: compromised maintainer accounts inject malware, highlighting need...

Security Intelligence

Critical vulnerability affecting Argo CD API publicly disclosed

Researchers publicly disclosed a critical vulnerability in Argo CD, a Kubernetes-native continuous deployment tool...

Security Intelligence

WhatsApp vulnerability exploited in targeted zero-click attacks

Learn about CVE-2025-55177, a WhatsApp zero-click flaw added to CISA’s KEV catalog. See its impact on iOS and Mac users...

Security Intelligence

Sitecore vulnerabilities chained into pre-auth remote code execution

Researchers detail critical Sitecore flaws enabling remote code execution. Enterprises urged to patch immediately.

Security Intelligence

Threat actors target Salesforce instances via Salesloft Drift integration

Google warns of OAuth token abuse in Drift-Salesforce integrations, with attackers exfiltrating AWS keys, Snowflake...

Security Intelligence

Sangoma FreePBX warns of active exploitation of unpatched vulnerability

Sangoma warns of active FreePBX zero-day exploits. Restrict ACP access, apply EDGE update, and monitor for patches to...