Security Intelligence

Veeam addresses flaws in backup servers

Veeam patches critical flaws in backup software. Exploits risk data theft, privilege abuse. Update now and harden...

Security Intelligence

Malicious package disguised as a helper module for Chimera Sandbox

A malicious npm package mimicking Chimera Sandbox exposes risks in open-source supply chains—stealing cloud creds,...

Security Intelligence

Mitel MiCollab critical advisory; POC for flaws in Mitel SIP phones

Researchers published a POC exploit for critical Mitel SIP flaw; a second MiCollab flaw allows remote, unauthenticated...

Security Intelligence

Weekly threat roundup: M365 Copilot, ConnectWise, SAP, & more

Our weekly roundup of cyber threats. This week, we cover critical vulnerabilities in Microsoft, ConnectWise, SAP...

Security Intelligence

Weekly threat roundup: TA397, also known as Bitter

Our weekly roundup of cyber intel related to threat actors. This week, we look at recent activity from TA397 aka Bitter.

Security Intelligence

Critical vulnerability in Microsoft 365 Copilot

New attack method, EchoLeak, exploits a zero-click AI flaw in M365 Copilot. No action needed, but the threat reveals a...

Security Intelligence

ConnectWise to rotate certificates, ICS patches include max-severity flaw

ConnectWise rotating its signing certificate to address config handling issues in older ScreenConnect versions, ICS...

Security Intelligence

Patch Tuesday updates from Microsoft and SAP

Patch Tuesday updates from Microsoft and SAP fix critical and high-severity flaws, including one exploited and one...

Security Intelligence

Mirai variant targets new flaws; POC for two Windows flaws published; TA397 linked to Indian State

Mirai botnet exploits Wazur and DVR flaws; Windows Kernel bugs get POCs; TA397 linked to Indian state in latest...

Security Intelligence

9,000 ASUS routers compromised in botnet campaign

Stealthy campaign, dubbed 'AyySSHusH,' compromises over 9,000 ASUS routers.

Security Intelligence

Confirmed: MathWorks outage due to ransomware attack

MathWorks confirms ransomware attack responsible for disrupting customer-facing and internal systems.

Security Intelligence

China-linked threat actor breaches government networks with Trimble flaw

China-linked UAT-6382 observed exploiting critical vulnerability in Trimble's Cityworks software to infiltrate U.S....