In a critical bulletin released on September 18, 2025, the U.S. Cybersecurity and Infrastructure Security Agency (CISA) published nine new advisories detailing high-severity vulnerabilities affecti...
Google has just patched a critical zero-day vulnerability in its Chrome web browser—CVE-2025-10585—which has been actively exploited in the wild. This flaw, a type confusion issue in Chrome’s V8 Ja...
U.S. Cybersecurity and Infrastructure Security Agency’s new Malware Analysis Report on a malicious listener deployed on Ivanti Endpoint Manager Mobile (EPMM) systems by chaining CVE-2025-4427 and C...
Discover the key findings from the 2024 MSSP Alert Top 250 report. Explore trends in MSSP growth, profitability, in-house SOCs, and the critical services defining modern cyber defense.
The Pakistan-linked APT group APT36 (Transparent Tribe) is using a 'Pahalgam terror attack' lure in a multi-pronged cyber-espionage campaign targeting India.
Next.js has rapidly become a dominant force in the React ecosystem, lauded for its developer experience and performance optimizations. However, like any complex framework, it's not immune to securi...
Cybersecurity remains at the forefront of the global conversation, and MITRE ATT&CKcon 5.0 is a pivotal event in the field. Scheduled for October 22-23, 2024, in McLean, Virginia, the conference se...
OPSWAT provides advanced cybersecurity solutions that help organizations optimize security measures.
MITRE ATT&CK version 13 has been recently launched, bringing some significant updates. These include: Key website enhancements Increased focus on cloud and Linux coverage More detailed det...
Updates to Techniques, Groups, and Software for Enterprise, Mobile, and ICS in the October 2022 (v12) ATT&CK release — including new ICS detections and Campaigns.
A critical authentication bypass flaw affecting Fortinet's FortiOS, FortiProxy, and FortiSwitchManager appliances now has proof-of-concept exploit code available. Attackers can get around the authe...
The Microsoft Threat Intelligence Center (MSTIC) has found evidence of a novel ransomware campaign using a hitherto unidentified ransomware payload that targets businesses in the logistics and tran...
Introduction Infrastructure as Service security is almost always the focus when discussing cloud security. platforms as a service (PaaS) and infrastructure as a service (IaaS). In spite of the fact...
A succinct summary The Top 250 MSSPs and associated survey respondents continue to expand more quickly than the managed security market as a whole. In fact, respondents to the survey anticipate tha...
Over the weekend, the financial technology company Revolut was the victim of a 'highly targeted' cyberattack in which threat actors gained access to the personal data of 0.16% of its users (approxi...
The Straits Times discovered that 330,000 Singaporean Starbucks customers' personal information had been compromised and sold on an online forum since September 10. On Friday, the coffee chain sent...
The most recent ATT&CK release is now available, and this time They have upgraded to version 11! There shouldn't be any major surprises if you've been following their roadmap, but they wanted to ta...
The world's largest ride-hailing company, Uber, shut down a portion of its operations late on Thursday after learning that its internal systems had been compromised. According to the company, the a...
The National Security Office is still determining the extent of the damage, but EMGFA, secret military, and MDN computers are suspected of being involved in the security lapse that made it possible...
A significant security flaw has been discovered on [BrandNewTube](<https://onevsp.com/), a YouTube alternative that was founded in the UK. Several users who received an email that revealed thei
