A significant data exposure incident has affected the cloud-based invoicing platform Invoicely, potentially compromising sensitive information belonging to customers worldwide. The exposed database contained 178,519 […]
Elastic Cloud Enterprise Flaw Lets Attackers Run Malicious Commands
Elastic has released a critical security update for Elastic Cloud Enterprise (ECE) addressing a template engine injection flaw that could allow attackers with admin privileges […]
EU to sign UN Convention on Cybercrime
The Council of Europe has authorized the European Commission and member states to sign the United Nations Convention against Cybercrime. The international treaty establishes common […]
Clevo UEFI Leak Allows Signing of Malicious Firmware with BootGuard Keys
Clevo accidentally exposed private keys used in its Intel Boot Guard implementation, allowing attackers to sign malicious firmware that would be trusted during the earliest […]
Gladinet file sharing zero-day brings patched flaw back from the dead
Criminals have been spotted exploiting a new zero-day vulnerability in Gladinet CentreStack and Triofox file sharing servers that could allow them to re-create the conditions […]
Hidden Cost of MFT Vulnerabilities: Why CVE-2025-10035 Demands a New Security Playbook
When Fortra disclosed CVE-2025-10035 in GoAnywhere MFT last month, many security teams likely experienced a familiar sinking feeling. Another critical vulnerability. Another emergency patch cycle. […]
CyberSmart Become a National Ambassador of the NCRCG
With Cyber Security Awareness Month firmly underway, the National Cyber Resilience Centre Group (NCRCG) has proudly welcomed CyberSmart on board as a National Ambassador. Funded and supported […]
Financial, Other Industries Urged to Prepare for Quantum Computers
Despite daunting technical challenges, a quantum computer capable of breaking public-key encryption systems may only be a decade or two off. ​The original article found […]
Critical infrastructure CISOs Can’t Ignore ‘Back-Office Clutter’ Data
OT and ICS systems indeed hold the crown jewels of critical infrastructure organizations, but unmonitored data sprawl is proving to be pure gold for increasingly […]
Hackers Target macOS Users with Fake Homebrew Websites to Deliver Malicious Payloads
In September 2025, Kandji’s security researchers uncovered a sophisticated campaign in which attackers deployed multiple spoofed Homebrew installer sites that perfectly mimic the official brew.sh […]