Security researchers have identified a critical vulnerability in Roundcube Webmail that affects over 84,000 unpatched installations worldwide, according to data from The Shadowserver Foundation. The […]
Vulnerability in DanaBot Malware C2 Server Leaks Threat Actor Usernames and Crypto Keys
A severe vulnerability in the command-and-control (C2) infrastructure of the notorious DanaBot malware has been uncovered, potentially exposing critical data belonging to threat actors. Researchers […]
Sensata Technologies Faces Disruption Due to Ransomware Attack
Sensata Technologies, Inc., a major technology company based in Attleboro, Massachusetts, has disclosed a significant cybersecurity incident that compromised personal information of hundreds of individuals. […]
CISA Adds Erlang SSH and Roundcube Flaws to Known Exploited Vulnerabilities Catalog
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Monday added two critical security flaws impacting Erlang/Open Telecom Platform (OTP) SSH and Roundcube to its […]
Google Vulnerability Allowed Hackers to Access User Phone Numbers
A security researcher has disclosed a critical vulnerability in Google’s account recovery system that allowed attackers to brute-force and obtain the phone numbers of any […]
ManageEngine Exchange Reporter Plus Vulnerability Enables Remote Code Execution
A critical security vulnerability has been discovered in ManageEngine Exchange Reporter Plus, a popular email monitoring and reporting solution, that could allow attackers to execute […]
Trump takes aim at Biden’s cyber executive order but leaves it largely untouched
The Trump administration issued an executive order entitled “Sustaining Select Efforts to Strengthen the Nation’s Cybersecurity and Amending Executive Order 13694 and Executive Order 14144.” […]
New Trump Cybersecurity Order Reverses Biden, Obama Priorities
The White House put limits on cyber sanctions, killed the digital ID program, and refocused the government’s cyber activities to enabling AI, rolling out post-quantum […]
Gartner: How Security Teams Can Turn Hype Into Opportunity
During the opening keynote at Gartner Security & Risk Management Summit 2025, analysts weighed in on how CISOs and security teams can use security fervor […]
‘Librarian Ghouls’ Cyberattackers Strike at Night
Since at least December, the advanced persistent threat (APT) group has been using legit tools to steal data, dodge detection, and drop cryptominers on systems […]