SecurityXP — Cybersecurity News

Critical VMware Zero-Day Vulnerability Under Active Exploitation

SecurityXP Team — Tue, 26 May 2026 00:00:00 GMT

A critical remote code execution vulnerability in VMware vCenter Server is being actively exploited in the wild. CVE-2025-1234 carries a CVSS score of 9.8 and affects all recent versions. Immediate patching is recommended.

Ransomware Attack Disrupts Major Healthcare Provider Operations

SecurityXP Team — Mon, 25 May 2026 00:00:00 GMT

A sophisticated ransomware attack has disrupted operations at a major healthcare provider, affecting patient care systems across multiple facilities. Learn about the attack vectors, impact, and mitigation strategies.

New EU AI Security Regulations: What Organizations Need to Know

SecurityXP Team — Sun, 24 May 2026 00:00:00 GMT

The European Union has introduced comprehensive AI security regulations requiring organizations to implement security measures for AI systems. We break down the requirements, timelines, and compliance steps.

CISA Issues Nine Urgent Advisories on Industrial Control Systems Vulnerabilities

Staff — Thu, 18 Sep 2025 00:00:00 GMT

In a critical bulletin released on September 18, 2025, the U.S. Cybersecurity and Infrastructure Security Agency (CISA) published nine new advisories detailing high-severity vulnerabilities affecti...

Critical Google Chrome Zero-Day CVE-2025-10585: What You Need to Know

Staff — Thu, 18 Sep 2025 00:00:00 GMT

Google has just patched a critical zero-day vulnerability in its Chrome web browser—CVE-2025-10585—which has been actively exploited in the wild. This flaw, a type confusion issue in Chrome’s V8 Ja...

Malware Analysis Report on a malicious listener deployed on Ivanti Endpoint Manager Mobile (EPMM) systems

Staff — Thu, 18 Sep 2025 00:00:00 GMT

U.S. Cybersecurity and Infrastructure Security Agency’s new Malware Analysis Report on a malicious listener deployed on Ivanti Endpoint Manager Mobile (EPMM) systems by chaining CVE-2025-4427 and C...

MSSP Alert Top 250 for 2024: A Deep Dive into the State of Cybersecurity

Staff — Sun, 22 Jun 2025 00:00:00 GMT

Discover the key findings from the 2024 MSSP Alert Top 250 report. Explore trends in MSSP growth, profitability, in-house SOCs, and the critical services defining modern cyber defense.

Pakistan-Linked APT36 Exploits "Pahalgam Terror Attack" Theme in Multi-Pronged Cyber Espionage Campaign Against India

Staff — Sat, 26 Apr 2025 00:00:00 GMT

In a recent and concerning development in the ongoing cyber conflict landscape, the Pakistan-linked Advanced Persistent Threat (APT) group known as APT36 (also referred to as Transparent Tribe) has...

Unpacking CVE-2025-29927: A Deep Dive into the Next.js Path Traversal Vulnerability

Staff — Tue, 25 Mar 2025 00:00:00 GMT

Next.js has rapidly become a dominant force in the React ecosystem, lauded for its developer experience and performance optimizations. However, like any complex framework, it's not immune to securi...

MITRE ATT&CKcon 5.0: Elevating Cybersecurity Knowledge

Staff — Sat, 07 Sep 2024 00:00:00 GMT

Cybersecurity remains at the forefront of the global conversation, and MITRE ATT&CKcon 5.0 is a pivotal event in the field. Scheduled for October 22-23, 2024, in McLean, Virginia, the conference se...

A CyberRisk Alliance Resource: MSSP Alert – Top 250 MSSPs Service Providers 2023 Edition

Staff — Thu, 05 Sep 2024 00:00:00 GMT

As cyber threats evolve, so do the strategies to combat them. The latest MSSP Alert: Top 250 MSSPs Service Providers 2023 Edition , released by CyberRisk Alliance , offers valuable insights in

Securing the Clouds: The Top 10 CSPM Tools Shaping Cloud Security

Staff — Sat, 13 Apr 2024 00:00:00 GMT

Introduction In the rapidly evolving landscape of cloud computing, security stands as a paramount concern for organizations across the globe. Cloud Security Posture Management (CSPM) tools have eme...

MITRE ATT&CK version 14

Staff — Sat, 04 Nov 2023 00:00:00 GMT

I. Introduction: Importance of staying updated with frameworks like MITRE ATT&CK In the realm of offensive security, staying updated with frameworks like MITRE ATT&CK is pivotal. It provides a stru...

Optimizing Security with OPSWAT Solutions

Staff — Mon, 15 May 2023 00:00:00 GMT

OPSWAT provides advanced cybersecurity solutions that help organizations optimize security measures.

Leading Vulnerability Scanners: Benefits and Use Cases

Staff — Sun, 14 May 2023 00:00:00 GMT

Leading vulnerability scanners provide comprehensive security assessment and management capabilities, allowing organizations to identify and remediate potential vulnerabilities in their IT infrastructure. From real-time scanning to automated reporting, these tools offer a range of benefits and use cases, helping businesses to mitigate risks, meet compliance requirements, and enhance overall security posture.

Centralized Log Management & SIEM Solutions: Benefits & Top Picks

Staff — Sat, 13 May 2023 00:00:00 GMT

Centralized Log Management & SIEM Solutions: Benefits & Top Picks Centralized log management and SIEM solutions are crucial components of modern IT security infrastructure. They allow businesses to monitor and analyze network activity, detect potential threats, and respond to incidents in real-time. In this article, we’ll explore the benefits of centralized log management and SIEM solutions, and recommend some of the top picks in the market.

DevsecOps: Advantages of Multi-Level Application Security Testing

Staff — Fri, 12 May 2023 00:00:00 GMT

DevsecOps: Multi-Level App Security Testing DevsecOps, an evolution of DevOps, introduces security teams early in the development cycle. This approach enables continuous application security testing across multiple levels, providing a comprehensive security posture. With DevsecOps, organizations can leverage automation, collaboration, and continuous feedback, reducing the time to detect and remediate vulnerabilities.

Optimizing IT Operations with Top CMDB Solutions

Staff — Thu, 11 May 2023 00:00:00 GMT

A Configuration Management Database (CMDB) is a critical component of IT operations. It provides a central repository of an organization's IT assets and their relationships, enabling efficient management of IT infrastructure. Top CMDB solutions offer various features, including automated discovery, data reconciliation, and visualization, that help organizations optimize IT operations. By leveraging the capabilities of CMDB solutions, organizations can reduce the time and effort spent on managing IT assets, ensure compliance, and improve overall IT efficiency.

MITRE ATT&CK version 13

Staff — Mon, 08 May 2023 00:00:00 GMT

MITRE ATT&CK version 13 has been recently launched, bringing some significant updates. These include: Key website enhancements Increased focus on cloud and Linux coverage More detailed det...

Leading DLP Solutions: Maximizing Data Protection

Staff — Fri, 05 May 2023 00:00:00 GMT

As data breaches continue to rise, it's vital for organizations to implement and maintain effective Data Loss Prevention (DLP) solutions. Leading DLP solutions offer comprehensive protection by monitoring and controlling data flow, identifying sensitive information, and enforcing policies to prevent leaks. With the right implementation and configuration, businesses can maximize data protection and avoid costly and damaging breaches.

Maximizing Efficiency: Top MDM Solutions & Benefits

Staff — Wed, 03 May 2023 00:00:00 GMT

Maximizing efficiency in today's business landscape requires powerful tools. MDM solutions provide the necessary capabilities to manage data and streamline operations. Read on to learn more about the top MDM solutions and the benefits they offer.

Exploring Top RASP Solutions for Secure Web Applications

Staff — Mon, 01 May 2023 00:00:00 GMT

As web applications become increasingly complex, the need for robust security measures becomes all the more important. One key solution that is gaining in popularity is RASP, or Runtime Application Self-Protection. Here, we take a closer look at some of the top RASP solutions available today, and how they can help to safeguard your web applications against a range of threats.

Maximizing Online Security: Top DNS Filtering Solutions

Staff — Mon, 01 May 2023 00:00:00 GMT

With the increasing number of cyber attacks, it has become crucial to prioritize online security. One of the most effective ways to do so is by implementing DNS filtering solutions. These solutions not only block malicious websites but also prevent data theft and malware attacks. In this article, we will be discussing the top DNS filtering solutions that can help maximize online security.

CISA Updates Best Practices for MITRE ATT&CK® Mapping

Staff — Sun, 26 Feb 2023 00:00:00 GMT

To protect networks and data, CISA believes that understanding the behavior of adversaries is crucial. The success of network defenders in detecting and mitigating cyberattacks depends on this unde...

ATT&CK v12 is now accessible! Revisions – October 2022

Staff — Tue, 25 Oct 2022 00:00:00 GMT

Updates to Techniques, Groups, and Software for Enterprise, Mobile, and ICS are included in the October 2022 (v12) ATT&CK release. The addition of detections to ATT&CK for ICS and the inclusion of ...

Google Announcing GUAC, a great pairing with SLSA (and SBOM)!

Staff — Thu, 20 Oct 2022 00:00:00 GMT

The industry is collectively aware of the importance of supply chain security. Recent events include a sharp increase in software supply chain attacks, a catastrophic severity and breadth Log4j vul...

Canarytokens. org - Rapid, Free, Mass Detection

Staff — Wed, 19 Oct 2022 00:00:00 GMT

Introduction Web bugs, the transparent images that monitor email opening, are probably already familiar to you. They operate by inserting a special URL in the image tag of a page and keeping an ey

Critical Fortinet auth bypass bug has an exploit available; apply the patch now

Staff — Tue, 18 Oct 2022 00:00:00 GMT

A critical authentication bypass flaw affecting Fortinet's FortiOS, FortiProxy, and FortiSwitchManager appliances now has proof-of-concept exploit code available. Attackers can get around the authe...

Micro Emulation Plans by MITRE-Engenuity

Staff — Tue, 18 Oct 2022 00:00:00 GMT

We enjoy imitating the opposition. In fact, it's so important that they've written, spoken, trained on it, and are still developing and disseminating more emulation plans (including one of the fir...

Organizations in Poland and Ukraine are affected by the new "Prestige" ransomware.

Staff — Tue, 18 Oct 2022 00:00:00 GMT

The Microsoft Threat Intelligence Center (MSTIC) has found evidence of a novel ransomware campaign using a hitherto unidentified ransomware payload that targets businesses in the logistics and tran...

Cloud Web Application and API Protection Magic Quadrant

Staff — Mon, 17 Oct 2022 00:00:00 GMT

The market for protecting cloud web applications and APIs is expanding quickly. You can use this Magic Quadrant to find cloud WAAP providers that provide simple controls and specialised defences ag...

Serverless Top security best practices

Staff — Mon, 17 Oct 2022 00:00:00 GMT

Describe serverless. A cloud execution model is serverless computing. It enables users and developers to create and use applications and services without having to worry about servers. Applications...

Voice of the Customer: Web Application and API Protection, Gartner Peer Insights

Staff — Sun, 16 Oct 2022 00:00:00 GMT

What is API and Web Application Protection? Web application and API protection (WAAP), according to Gartner, is the evolution of the web application firewall (WAF) market, which now includes four c...

MITRE ATT&CK® Released Updates in Apr 2022 With Additional Techniques and Structuring

Staff — Fri, 14 Oct 2022 00:00:00 GMT

The Techniques, Groups, and Software for Enterprise, Mobile, and ICS are updated in the April 2022 (v11) ATT&CK release. The most significant modifications are the reorganisation of Detections, whi...

OWASP Threat Dragon : open-source threat modeling tool from OWASP

Staff — Fri, 14 Oct 2022 00:00:00 GMT

Threat modelling is regarded as a potent method for incorporating security into application design at an early stage of the secure development lifecycle. It is most effective when used for: ensurin...

The Microsoft Threat Modeling Tool (TMT)

Staff — Fri, 14 Oct 2022 00:00:00 GMT

A crucial component of the Microsoft Security Development Lifecycle is the Threat Modeling Tool (SDL). Early detection and mitigation of potential security issues, when they are still manageable an...

IriusRisk Threat Modeling for Security and Development Teams

Staff — Thu, 13 Oct 2022 00:00:00 GMT

Threat modelling: what is it? Basics of Threat Modeling Threat modeling's fundamental tenet is the identification, disclosure, and management of security flaws. This is accomplished by being aware of

Threat Modeling: Choosing the Right Method for Your Business

Staff — Thu, 13 Oct 2022 00:00:00 GMT

Why Threat Modeling Is Important and What It Is Identifying and evaluating threats that an attacker (threat) could exploit is done through the exercise of threat modelling. Consider a threat model ...

Kenna: RISK-BASED VULNERABILITY MANAGEMENT

Staff — Wed, 12 Oct 2022 00:00:00 GMT

Why You Should Consider More Than CVSS As previously mentioned, one typical method of sorting and prioritising which vulnerabilities to fix first is patching vulnerabilities that have a CVSS score in

A Holistic Performance Management Framework for Implementing Cybersecurity Strategies by BCG & STC

Staff — Sat, 08 Oct 2022 00:00:00 GMT

The frequency and cost of cyberattacks is accelerating. Globally, the cost of cybercrime is estimated to have risen from $445B in 2015 to over $2.2 trillion today. The frequency and size of data br...

Best Cloud SaaS Governance Practices from the CSA Cloud Security Alliance

Staff — Sat, 08 Oct 2022 00:00:00 GMT

Introduction Infrastructure as Service security is almost always the focus when discussing cloud security. platforms as a service (PaaS) and infrastructure as a service (IaaS). In spite of the fact...

Security and Privacy Capability Maturity Model (SP-CMM) by SCF, Secure and Privacy by Design Principles Framework

Staff — Fri, 07 Oct 2022 00:00:00 GMT

The SP establishes 32 common-sense principles to guide the development and oversight of a modern security and privacy program. The SP is sourced from the Secure Controls Framework (SCF), which is a...

Campaigns to be Introduced to MITRE ATT&CK V12

Staff — Wed, 05 Oct 2022 00:00:00 GMT

Primary Articles [Published ](

DevSecOps is not just a technological shift; it is also a cultural one, according to Tenable.cs Cloud Security's whitepaper, "7 Habits of Highly Effective DEVSECOPS Teams."

Staff — Mon, 03 Oct 2022 00:00:00 GMT

DecSecOps, which is typically viewed as an integrated team of development, operational, and security practitioners that can securely deliver innovation within a defined scope to market, is an ideal...

A CyberRisk Alliance Resource, MSSP Alert - TOP 250 MSSPs Services Providers 2022 edition

Staff — Tue, 20 Sep 2022 00:00:00 GMT

A succinct summary The Top 250 MSSPs and associated survey respondents continue to expand more quickly than the managed security market as a whole. In fact, respondents to the survey anticipate tha...

Threat actors gained access to the personal data of tens of thousands of Revolut customers as a result of a cyberattack

Staff — Mon, 19 Sep 2022 00:00:00 GMT

Over the weekend, the financial technology company Revolut was the victim of a 'highly targeted' cyberattack in which threat actors gained access to the personal data of 0.16% of its users (approxi...

$3,500 for Starbucks Cofee Data with Name, Gender, DoB, Mobile No., Email and Address

Staff — Sat, 17 Sep 2022 00:00:00 GMT

The Straits Times discovered that 330,000 Singaporean Starbucks customers' personal information had been compromised and sold on an online forum since September 10. On Friday, the coffee chain sent...

BARK: A PowerShell script was created to aid the BloodHound Enterprise team in locating and regularly validating abuse primitives.

Staff — Sat, 17 Sep 2022 00:00:00 GMT

BloodHound Attack Research Kit is referred to as BARK. It is a PowerShell script created to help the BloodHound Enterprise team find and keep track of abuse primitives. At the moment, BARK is conce...

Beta Mobile Sub-Techniques, Structured Detections, and ICS Join the Band as ATT&CK Upgrades to Version 11

Staff — Sat, 17 Sep 2022 00:00:00 GMT

The most recent ATT&CK release is now available, and this time They have upgraded to version 11! There shouldn't be any major surprises if you've been following their roadmap, but they wanted to ta...

The Azure Threat Research Matrix is explained

Staff — Sat, 17 Sep 2022 00:00:00 GMT

It's typical for the assessment team to cite the MITRE ATT&CK knowledge base when conducting an offensive security assessment so that high-level stakeholders can see visually which techniques were ...

Uber employees believed the alleged teen hacker attack was a joke.

Staff — Fri, 16 Sep 2022 00:00:00 GMT

The world's largest ride-hailing company, Uber, shut down a portion of its operations late on Thursday after learning that its internal systems had been compromised. According to the company, the a...

Dufflebag

Staff — Sat, 10 Sep 2022 00:00:00 GMT

A tool called [Dufflebag ](

Portuguese NATO documents discovered for sale online

Staff — Fri, 09 Sep 2022 00:00:00 GMT

The National Security Office is still determining the extent of the damage, but EMGFA, secret military, and MDN computers are suspected of being involved in the security lapse that made it possible...

A significant data breach on the streaming service Brand New Tube exposed users' names and IP addresses.

Staff — Thu, 08 Sep 2022 00:00:00 GMT

A significant security flaw has been discovered on [BrandNewTube](

A Successful Threat-Hunting Program's Foundation

Staff — Wed, 07 Sep 2022 00:00:00 GMT

'Threat hunting is the practice of proactively searching for cyber threats that are lurking undetected in a network. Cyber threat hunting digs deep to find malicious actors in your environment tha

Feds and npm Give advice on supply chain security to prevent another SolarWinds incident

Staff — Tue, 06 Sep 2022 00:00:00 GMT

Faster development times, innovation, and a thriving open-source community have all been made possible by the ability to use another developer's project as a dependency. With many JavaScript projects

Change your Tiktok password immediately in case of a massive data leak.

Staff — Mon, 05 Sep 2022 00:00:00 GMT

There's a post from 12 hours ago on a well-known hacking forum making some pretty significant claims, with the disclaimer that everything is 'alleged' at this point: 'We don't know why it's there o...

NATO Examines Data Breach from Missile Vendor on the Dark Web

Staff — Sun, 04 Sep 2022 00:00:00 GMT

One set of documents purportedly belonging to an EU defense supplier includes information on the weapons Ukraine used to fight Russia. According to a report in the media, NATO is looking into the l...

DRDO and IIT Delhi scientists demonstrate Quantum Key Distribution (QKD) between two cities 100 kilometres apart

Staff — Fri, 25 Feb 2022 00:00:00 GMT

For the first time in the country, a team of scientists from the Defence Research and Development Organisation (DRDO) and the Indian Institute of Technology (IIT) Delhi successfully demonstrated a ...

Indian Organizations also targetted by Bvp47 backdoor of US NSA Equation Group

Staff — Thu, 24 Feb 2022 00:00:00 GMT

Banaras Hindu University, India Education Network, Eureka Technology Partners, Indian Academy of Sciences, Indian Institute of Tropical Meteorology, Council of Scientific & Industrial Research (CSIR)

Free Cybersecurity Services And Tools Released by CISA

Staff — Wed, 23 Feb 2022 00:00:00 GMT

CISA has collected a list of free cybersecurity tools and services to help companies advance their security capabilities as part of our ongoing objective to minimise cybersecurity risk among U.S. c...

Phishing and malware by numbers in the Threat Report Portugal Q3 2021.

Staff — Wed, 23 Feb 2022 00:00:00 GMT

Segurança-Informática developed and maintains the Portuguese Abuse Open Feed 0xSI f33d, an open sharing database with the potential to collect indicators from numerous sources. This feed is provide...

Cybersecurity Risks of Russia-Ukraine Conflict Escalation

Staff — Tue, 22 Feb 2022 00:00:00 GMT

DDoS attacks on Ukrainian groups were promptly traced to Russian intelligence by the UK and US governments last week. The intrusions on February 15 and 16 were 'very certain' the work of the Russia...

Payout for Zero-Click Outlook Zero-Days has been increased to $400,000 by Zerodium.

Staff — Fri, 28 Jan 2022 00:00:00 GMT

It was announced on the same day that Trustwave SpiderLabs revealed a new approach to get around Outlook security and send malicious links to victims. was reported by [threatpost](

Joint action by 10 countries and Europol taken down VPNLabs secure communication tool favored by cybercriminals

Staff — Tue, 18 Jan 2022 00:00:00 GMT

Joint action by 10 countries and Europol taken down VPNLabs secure communication tool favored by cybercriminals This week, law enforcement officials targeted VPNLab.net's users and infrastructure i...

Russia Arrests members of "REvil" hacking group at U.S. request - FSB

Staff — Tue, 18 Jan 2022 00:00:00 GMT

In Russia, the cities of Moscow, St. Petersburg, Moscow, Leningrad, and Lipetsk, the Russian Federation's Federal Security Service, in collaboration with the Ministry of Internal Affairs' Investiga...

MITRE ATT&CK® Released Updates in Oct 2021 With Additional Techniques and Structuring

Staff — Sun, 16 Jan 2022 00:00:00 GMT

MITRE ATT&CK® is a globally accessible knowledge base of adversary tactics and techniques based on real-world observations. The ATT&CK knowledge base is used as a foundation for the development of ...

Russian Hackers Infiltrate Exams of Indian Navy And Air Force

Staff — Wed, 12 Jan 2022 00:00:00 GMT

The Delhi Police’s has busted attempts of Russian hackers to infiltrate the Indian Navy and Air Force exams through the dark web. The Intelligence Department of Delhi Police were the ones who brought

Alexa AI Attempts to murder a child

Staff — Sun, 09 Jan 2022 00:00:00 GMT

Amazon Alexa, also known simply as Alexa, is a virtual assistant technology largely based on a Polish speech synthesizer named Ivona, bought by Amazon in 2013. It was first used in the Amazon Echo ...

France gonna Earn 210 Million Euro from fine on Cookies of facebook and google

Staff — Fri, 07 Jan 2022 00:00:00 GMT

Cookie Consent [Dark Pattern](

Gartner EDRs are not perfect, fail against common attacks

Staff — Tue, 04 Jan 2022 00:00:00 GMT

Advanced Persistent threats have been a pain for blue teams for a very long time, and one of the key tool in the arsenal is Endpoint Detection and Response tools since the recent past, however, the...

Useful Pentesting Resources

Staff — Tue, 07 Sep 2021 00:00:00 GMT

A curated list of useful penetration testing resources, tools, and references for security professionals.

MITRE ATT&CK® Released Updates in April 2021 With Additional Techniques and Structuring

Staff — Sun, 04 Jul 2021 00:00:00 GMT

NSA Released D3FEND a framework for cybersecurity professionals to tailor defenses

Staff — Sun, 04 Jul 2021 00:00:00 GMT

Recently a Framework was Released by NSA named D3FEND which is based on and Complementary to MITRE ATT&CK Framework. It gave a Technical Knowledge base to create Defensive Countermeasure against Co...

Bharat Ranked in Tier 3 of IISS Cyber Capabilities and National Power: A Net Assessment

Staff — Sat, 03 Jul 2021 00:00:00 GMT

As a result of a Study conducted by IISS Researchers in the last two years, Bharat was ranked in Tier 3, it is to be noted that the US is the only nation in Tier one. Instead of Going the traditional

Penetration testing Attack Infrastructure

Staff — Sat, 03 Jul 2021 00:00:00 GMT

Attack Infra Penetration testing Planning Fill the planning gap Attack Infrastructure/C2 Recon Social Engineering Weaponization Initial Access/foothold Network Pro...

Next-gen missile data, Hacked in Japan report says

Staff — Thu, 21 May 2020 00:00:00 GMT

The Japanese Defense Ministry is investigating a possible leak of details of a new state-of-the-art missile in a large-scale cyberattack on Mitsubishi Electric Corp, the Asahi Shimbun newspaper rep...

BIAS: Bluetooth Impersonation AttackS

Staff — Wed, 20 May 2020 00:00:00 GMT

[Daniele Antonioli](

Huawei dev team, buggy HKSP patch with backdoor and Linux Foundation

Staff — Mon, 18 May 2020 00:00:00 GMT

Last week the Huawei development team submitted a patch to the Linux Foundation with a ‘trivial vulnerability.’ When the vulnerability was discovered, Huawei denied its involvement in the patch and...