Zeljka Zorz
Connectwise is rotating code signing certificates. What happened?
Connectwise customers who use the company’s ScreenConnect, Automate, and ConnectWise RMM solutions are urged to update all agents and/or validate that the update has …
Microsoft fixes zero-day exploited for cyber espionage (CVE-2025-33053)
For June 2025 Patch Tuesday, Microsoft has fixed 66 new CVEs, including a zero-day exploited in the wild (CVE-2025-33053). Also, Adobe Commerce and Magento Open Source users …
Unpatched Wazuh servers targeted by Mirai botnets (CVE-2025-24016)
Two Mirai botnets are exploiting a critical remote code execution vulnerability (CVE-2025-24016) in the open-source Wazuh XDR/SIEM platform, Akamai researchers have warned. …
EU launches EU-based, privacy-focused DNS resolution service
DNS4EU, an EU-based DNS resolution service created to strengthen European Union’s digital sovereignty, has become reality. What is DNS? The Domain Name System (DNS) …
Roundcube RCE: Dark web activity signals imminent attacks (CVE-2025-49113)
With an exploit for a critical Roundcube vulnerability (CVE-2025-49113) being offered for sale on underground forums and a PoC exploit having been made public, attacks …
Millions of Android devices roped into Badbox 2.0 botnet. Is yours among them?
Millions of Internet-of-Things (IoT) devices running the open-source version of the Android operating system are part of the Badbox 2.0 botnet, the FBI has warned. Cyber …
Attackers fake IT support calls to steal Salesforce data
Over the past several months, a threat group has been actively breaching organizations’ Salesforce instances and exfiltrating customer and business data, Google Threat …
Google fixes Chrome zero-day with in-the-wild exploit (CVE-2025-5419)
Google has fixed two Chrome vulnerabilities, including a zero-day flaw (CVE-2025-5419) with an in-the-wild exploit. About CVE-2025-5419 CVE-2025-5419 is a high-severity out of …
Attackers breached ConnectWise, compromised customer ScreenConnect instances
A suspected “sophisticated nation state actor” has compromised ScreenConnect cloud instances of a “very small number” of ConnectWise customers, the …
Microsoft unveils “centralized” software update tool for Windows
Microsoft is looking to streamline the software updating process for IT admins and users by providing a Windows-native update orchestration platform, and to help organizations …
Attackers hit MSP, use its RMM software to deliver ransomware to clients
A threat actor wielding the DragonForce ransomware has compromised an unnamed managed service provider (MSP) and pushed the malware onto its client organizations via …
Microsoft, Dutch security agencies lift veil on Laundry Bear cyber espionage group
The Dutch intelligence and security services have identified a new Russia-affiliated threat group that has been breaching government organizations and commercial entities in …
Featured news
Resources
Don't miss
- Attackers use “Contact Us” forms and fake NDAs to phish industrial manufacturing firms
- New framework aims to outsmart malware evasion tricks
- Finding connection and resilience as a CISO
- AI isn’t taking over the world, but here’s what you should worry about
- Agentic AI coding assistant helped attacker breach, extort 17 distinct organizations