SAP disclosed a critical zero-day vulnerability, identified as CVE-2025-31324, in its NetWeaver Visual Composer component. This vulnerability, with a maximum CVSSv3 severity score of 10.0, stems […]
_Muhammad_R._Fakhrurrozi_Alamy.jpg?width=1280&auto=webp&quality=80&disable=upscale)
Forget the Stack; Focus on Control
Security teams are under more pressure than ever — and cybersecurity debt is adding fuel to the fire. While it can’t be eliminated overnight, it […]
Windows 11 25H2 Expected to Launch with Minor Changes
Microsoft is quietly preparing the next update to its flagship operating system, Windows 11 25H2, with new evidence pointing toward a September–October 2025 release. Unlike the […]
_NicoElNino_Alamy.jpg?width=1280&auto=webp&quality=80&disable=upscale)
DoJ Data Security Program Highlights Data Sharing Challenges
The Department of Justice announced compliance rules for the Data Security Program that will require organizations to reexamine how they do business and with whom. […]
How Breaches Start: Breaking Down 5 Real Vulns
Not every security vulnerability is high risk on its own – but in the hands of an advanced attacker, even small weaknesses can escalate into […]
China Claims U.S. Cyberattack Targeted Leading Encryption Company
China has accused U.S. intelligence agencies of carrying out a sophisticated cyberattack against one of its foremost commercial cryptography providers, resulting in the theft of […]
Earth Kurma Targets Southeast Asia With Rootkits and Cloud-Based Data Theft Tools
Government and telecommunications sectors in Southeast Asia have become the target of a “sophisticated” campaign undertaken by a new advanced persistent threat (APT) group called […]
WooCommerce Users Targeted by Fake Patch Phishing Campaign Deploying Site Backdoors
Cybersecurity researchers are warning about a large-scale phishing campaign targeting WooCommerce users with a fake security alert urging them to download a “critical patch” but […]
Viasat Modems Zero-Day Vulnerabilities Let Attackers Execute Remote Code
A severe zero-day vulnerability has been uncovered in multiple Viasat satellite modem models, including the RM4100, RM4200, EM4100, RM5110, RM5111, RG1000, RG1100, EG1000, and EG1020. […]
Critical FastCGI Library Flaw Exposes Embedded Devices to Code Execution
A severe vulnerability (CVE-2025-23016) in the FastCGI library-a core component of lightweight web server communication been disclosed, threatening countless embedded and IoT devices with remote […]