Security Intelligence

Warlock ransomware: Opportunistic campaigns with strategic implications

Warlock, a newly emerged ransomware family, is at the center of a high-impact cyberattack campaign affecting the...

Security Intelligence

Commvault vulnerabilities chained into pre-auth RCE

Commvault patches four flaws in on-prem systems; researchers release exploit chains that risk RCE, data theft, and...

Security Intelligence

New attack method weaponizes privileged browser extensions

New DEF CON 33 research reveals DOM-based extension clickjacking—an attack exploiting browser extensions like password...

Security Intelligence

New exploit chains known SAP NetWeaver flaws

New SAP NetWeaver exploit chains CVE-2025-31324 & CVE-2025-42999, enabling stealthy system compromise. Learn defense...

Security Intelligence

Fortinet FortiWeb authentication bypass: Exploit release pending

Fortinet patches FortiWeb flaw CVE-2025-52970 (FortMajeure). Public exploit release looms—organizations urged to patch...

Security Intelligence

Cisco August patches include maximum severity flaw in FMC

Cisco warns of critical FMC flaw (CVE-2025-20265) with CVSS 10.0 allowing remote code execution; patch now, no...

Security Intelligence

Two critical N-able N-central vulnerabilities exploited

Two critical N-able N-central flaws are being exploited. Learn the risks, impacted versions, and how businesses can...

Security Intelligence

Critical FortiSIEM vulnerability patched as public exploit circulates

Public exploit for critical CVE-2025-25256 flaw in FortiSIEM is circulating. Patch now or restrict TCP port 7900 to...

Security Intelligence

Fortinet SSL VPNs targeted in renewed brute-force campaign

A surge in brute-force attacks on Fortinet SSL VPNs mirrors a recent spike in attacks against SonicWall firewalls and...

Security Intelligence

WinRAR zero-day exploited in targeted espionage campaigns

WinRAR flaw CVE-2025-8088 exploited in targeting phishing campaign. Update to v7.13 now, audit systems, and boost...

Security Intelligence

Microsoft Exchange flaw could enable cloud takeover in hybrid environments

New Microsoft Exchange flaw (CVE-2025-53786) could let attackers hijack cloud in hybrid setups. Learn how to mitigate...

Security Intelligence

EDR killers and BYOVD attacks

EDRKillShifter used in recent ransomware attacks. Learn how it works, its risks, and how Field Effect MDR protects...