Your Daily Dose of Cybersecurity News

Vulnerabilities

Critical VMware Zero-Day Vulnerability Under Active Exploitation

A critical remote code execution vulnerability in VMware vCenter Server is being actively exploited in the wild. CVE-2025-1234 carries a CVSS score of 9.8 and affects all recent versions. Immediate patching is recommended.

May 26, 2026 · SecurityXP Team

Malware & Ransomware

Ransomware Attack Disrupts Major Healthcare Provider Operations

A sophisticated ransomware attack has disrupted operations at a major healthcare provider, affecting patient care systems across multiple facilities. Learn about the attack vectors, impact, and mitigation strategies.

May 25, 2026 · SecurityXP Team

AI/ML Security

New EU AI Security Regulations: What Organizations Need to Know

The European Union has introduced comprehensive AI security regulations requiring organizations to implement security measures for AI systems. We break down the requirements, timelines, and compliance steps.

May 24, 2026 · SecurityXP Team

Latest News

Threat IntelligenceSep 18, 2025·3 min read

CISA Issues Nine Urgent Advisories on Industrial Control Systems Vulnerabilities

In a critical bulletin released on September 18, 2025, the U.S. Cybersecurity and Infrastructure Security Agency (CISA) published nine new advisories detailing high-severity vulnerabilities affecti...

Threat IntelligenceSep 18, 2025·2 min read

Critical Google Chrome Zero-Day CVE-2025-10585: What You Need to Know

Google has just patched a critical zero-day vulnerability in its Chrome web browser—CVE-2025-10585—which has been actively exploited in the wild. This flaw, a type confusion issue in Chrome’s V8 Ja...

Threat IntelligenceSep 18, 2025·4 min read

Malware Analysis Report on a malicious listener deployed on Ivanti Endpoint Manager Mobile (EPMM) systems

U.S. Cybersecurity and Infrastructure Security Agency’s new Malware Analysis Report on a malicious listener deployed on Ivanti Endpoint Manager Mobile (EPMM) systems by chaining CVE-2025-4427 and C...

Threat IntelligenceJun 22, 2025·5 min read

MSSP Alert Top 250 for 2024: A Deep Dive into the State of Cybersecurity

Discover the key findings from the 2024 MSSP Alert Top 250 report. Explore trends in MSSP growth, profitability, in-house SOCs, and the critical services defining modern cyber defense.

Threat IntelligenceApr 26, 2025·4 min read

Pakistan-Linked APT36 Exploits "Pahalgam Terror Attack" Theme in Multi-Pronged Cyber Espionage Campaign Against India

In a recent and concerning development in the ongoing cyber conflict landscape, the Pakistan-linked Advanced Persistent Threat (APT) group known as APT36 (also referred to as Transparent Tribe) has...

Threat IntelligenceMar 25, 2025·10 min read

Unpacking CVE-2025-29927: A Deep Dive into the Next.js Path Traversal Vulnerability

Next.js has rapidly become a dominant force in the React ecosystem, lauded for its developer experience and performance optimizations. However, like any complex framework, it's not immune to securi...

Threat IntelligenceSep 7, 2024·6 min read

MITRE ATT&CKcon 5.0: Elevating Cybersecurity Knowledge

Cybersecurity remains at the forefront of the global conversation, and MITRE ATT&CKcon 5.0 is a pivotal event in the field. Scheduled for October 22-23, 2024, in McLean, Virginia, the conference se...

Cloud SecuritySep 5, 2024·3 min read

A CyberRisk Alliance Resource: MSSP Alert – Top 250 MSSPs Service Providers 2023 Edition

As cyber threats evolve, so do the strategies to combat them. The latest MSSP Alert: Top 250 MSSPs Service Providers 2023 Edition , released by CyberRisk Alliance , offers valuable insights in

Cloud SecurityApr 13, 2024·4 min read

Securing the Clouds: The Top 10 CSPM Tools Shaping Cloud Security

Introduction In the rapidly evolving landscape of cloud computing, security stands as a paramount concern for organizations across the globe. Cloud Security Posture Management (CSPM) tools have eme...

Cloud SecurityNov 4, 2023·16 min read

MITRE ATT&CK version 14

I. Introduction: Importance of staying updated with frameworks like MITRE ATT&CK In the realm of offensive security, staying updated with frameworks like MITRE ATT&CK is pivotal. It provides a stru...

Security Digest

Get the latest cybersecurity news, vulnerability alerts, and threat intelligence delivered to your inbox.

SecurityXP — Cybersecurity News, Threat Intelligence & Infosec Utilities