Citrix has issued an urgent advisory for NetScaler users following the release of builds 14.1.47.46 and 13.1.59.19, warning of potential authentication disruptions stemming from a […]
Threat Actors Exploit .COM TLD to Host Widespread Credential Phishing Sites
Threat actors have dramatically increased their exploitation of the cybersecurity sector, which is a disturbing development. Spain’s country code TLD, ES, is used to plan […]
New Cyber Blueprint Aims to Guide Organizations on AI Journey
Deloitte’s new blueprint looks to bridge the gap between the massive push for AI adoption and a lack of preparedness among leaders and employees. ​The […]
Azure API Vulnerabilities Expose VPN Keys and Grant Over-Privileged Access via Built-In Roles
Token Security experts recently conducted a thorough investigation that exposed serious security weaknesses in Microsoft Azure’s Role-Based Access Control (RBAC) architecture. Azure RBAC, the backbone […]
Apache Tomcat and Camel Vulnerabilities Actively Targeted in Cyberattacks
The Apache Foundation disclosed several critical vulnerabilities affecting two of its widely used software platforms, Apache Tomcat and Apache Camel, sparking immediate concern among cybersecurity […]
Hardcoded root credentials in Cisco Unified CM trigger max-severity alert
Cisco (Nasdaq:CSCO) has patched a max severity flaw in its Unified Communications Manager (Unified CM) and Session Management Edition (Unified CM SME) products that could […]
13-Year-Old Dylan Joins Forces with Microsoft Security Response Center as the Youngest Security Researcher
Dylan, 13, has accomplished a remarkable achievement by becoming the youngest security researcher to work with the Microsoft Security Response Center (MSRC), leaving his mark […]
Dark Web Vendors Shift to Third Parties, Supply Chains
As attacks on software supply chains and third parties increase, more data on critical software and infrastructure services is being advertised and sold on the […]
Attackers Impersonate Top Brands in Callback Phishing
Microsoft, PayPal, Docusign, and others are among the trusted brands threat actors use in socially engineered scams that try to get victims to call adversary-controlled […]
Microsoft Edge Fixes Actively Exploited Chromium Flaw — Update Immediately
Microsoft has released a critical security update for its Edge browser, addressing a high-severity vulnerability in the Chromium engine that is currently being exploited in […]