News CISA: High-severity Windows SMB flaw now exploited in attacks
CISA says threat actors are now actively exploiting a high-severity Windows SMB privilege escalation vulnerability that ...
news
News 
News Over 75,000 WatchGuard security devices vulnerable to critical RCE
Nearly 76,000 WatchGuard Firebox network security appliances are exposed on the public web and still vulnerable to a cri...
News Self-spreading GlassWorm malware hits OpenVSX, VS Code registries
A new and ongoing supply-chain attack is targeting developers on the OpenVSX and Microsoft Visual Studio marketplaces wi...
News Find hidden malicious OAuth apps in Microsoft 365 using Cazadora
Author: Matt Kiely, Principal Security Researcher at Huntress Labs Tl;dr: If you manage even one Microsoft 365 tenant, i...
News Microsoft warns of Windows smart card auth issues after October updates
Microsoft says the October 2025 Windows security updates are causing smart card authentication and certificate issues du...
News TikTok videos continue to push infostealers in ClickFix attacks
Cybercriminals are using TikTok videos disguised as free activation guides for popular software like Windows, Spotify, a...
News Google ads for fake Homebrew, LogMeIn sites push infostealers
A new malicious campaign is targeting macOS developers with fake Homebrew, LogMeIn, and TradingView platforms that deliv...
News ConnectWise fixes Automate bug allowing AiTM update attacks
ConnectWise released a security update to address vulnerabilities, one of them with critical severity, in Automate produ...
News American Airlines subsidiary Envoy confirms Oracle data theft attack
Envoy Air, a regional airline carrier owned by American Airlines, confirms that data was compromised from its Oracle E-B...
News Europol dismantles SIM box operation renting numbers for cybercrime
European law enforcement in an operation codenamed 'SIMCARTEL' has dismantled an illegal SIM-box service that enabled mo...