Security Intelligence

Update on-prem ConnectWise Automate to secure agent traffic & file validation

ConnectWise recently released version 2025.9 of its Automate platform to address two vulnerabilities affecting agent...

Security Intelligence

Gladinet patches critical vulnerability exploited in the wild

Gladinet patches a critical zero-day flaw in CentreStack and Triofox (CVE-2025-11371) exploited in the wild. Rapid...

Security Intelligence

F5 breached by nation-state actor; BIG-IP source code and vulnerability data stolen

F5 confirms a major breach: BIG-IP code and vulnerability data stolen. Get the details, patch guidance, and mitigation...

Security Intelligence

Microsoft's record-breaking October 2025 Patch Tuesday fixes 175 flaws

Microsoft’s October 2025 Patch Tuesday fixes 175 vulnerabilities, including three zero-days under active exploitation...

Security Intelligence

Oracle issues second emergency patch amid active EBS exploitation

Oracle issues a second emergency patch for CVE-2025-61884 as ShinyHunters exploit EBS Runtime UI flaw. Affected users...

Security Intelligence

RondoDox botnet exploits 50+ flaws across 30 vendors in active campaign

The RondoDox botnet exploits over 50 flaws in internet-facing devices such as routers, digital video records, CCTV, web...

Security Intelligence

SonicWall cloud backup breach: All configuration files accessed, remediation urged

SonicWall confirms all MySonicWall cloud backups were accessed. Users urged to rotate credentials, restrict remote...

Security Intelligence

Oracle EBS flaw exploited in active ransomware campaigns

CISA adds Oracle E-Business Suite flaw CVE-2025-61882 to KEV list. Actively exploited in ransomware campaigns—patch now...

Security Intelligence

Legacy vulnerabilities remain prime targets of exploitation

Legacy vulnerabilities like Shellshock and IE ActiveX flaws remain prime targets. Learn why old CVEs persist in CISA’s...

Security Intelligence

Critical Redis vulnerability affects versions with Lua scripting enabled

Redis has patched a critical Lua scripting vulnerability (CVE-2025-49844) with a CVSS 10.0 rating. Learn how to...

Security Intelligence

Legacy Hikvision camera vulnerability resurfaces in active exploits

Hikvision CVE-2017-7921 flaw resurfaces in active exploits. Attackers target unpatched IP cameras, stealing data via...

Security Intelligence

Executive extortion campaign claims Oracle EBS data theft

Executives hit by Oracle EBS-related extortion campaign—fake data theft claims, FIN11 links, and credential abuse...