Cyber-fraudsters move quickly from compromised devices to account takeover to funds transfer, shifting money before many financial institutions can react. ​The original article found on […]
Flowise AI Agent Builder Under Active CVSS 10.0 RCE Exploitation; 12,000+ Instances Exposed
Threat actors are exploiting a maximum-severity security flaw in Flowise, an open-source artificial intelligence (AI) platform, according to new findings from VulnCheck. The vulnerability in […]
New Microsoft Defender Update Issued for Windows 11, Windows 10, and Server Images
Microsoft has rolled out a fresh security intelligence update for Microsoft Defender Antivirus to help secure Windows 11, Windows 10, and Windows Server images. Released […]
China-Linked Storm-1175 Exploits Zero-Days to Rapidly Deploy Medusa Ransomware
AÂ China-based threat actor known for deploying Medusa ransomware has been linked to the weaponization of a combination of zero-day and N-day vulnerabilities to orchestrate “high-velocity” […]
Iran-Linked Hackers Hit M365 Tenants in Middle East Password Spray Campaign
Iran-linked threat actors have launched a coordinated password-spraying campaign targeting Microsoft 365 environments across the Middle East, according to new findings. The activity, observed throughout […]
Threat Actors Exploit LogMeIn Resolve, ScreenConnect in Phishing Campaigns
Threat actors are abusing legitimate remote monitoring and management (RMM) tools LogMeIn Resolve and ScreenConnect in a multi‑stage phishing campaign that blends social engineering, living‑off‑the‑land […]
Fake Installers Spread RATs, Monero Miners in Ongoing Malware Campaign
Fake software installers are being used in a long-running malware operation to drop remote access trojans (RATs), Monero cryptominers, and a new .NET implant across […]
Attackers Exploit Flowise Injection Vulnerability as 15,000+ Instances Remain Exposed
A critical security flaw in Flowise, a popular open-source AI development platform, is currently being exploited in the wild. Tracked as CVE-2025-59528, this code injection […]
The noisy tenants: Engineering fairness in multi-tenant SIEM solutions
I recently had the opportunity to review five popular SIEM solutions as part of a judging panel for a Security award. While each platform had […]
The rise of proactive cyber: Why defense is no longer enough
For more than two decades, cybersecurity has been built on a reactive model: detect intrusions, patch vulnerabilities, respond to incidents, and repeat. That model is […]