Threat actor leveraged Cisco SD-WAN zero-day since 2023 (CVE-2026-20127)
A “highly sophisticated” cyber threat actor has been exploiting a zero-day authentication bypass vulnerability (CVE-2026-20127) in Cisco Catalyst SD-WAN Controller …
Akira ransomware affiliates continue breaching organizations via SonicWall firewalls
Over a year after SonicWall patched CVE-2024-40766, a critical flaw in its next-gen firewalls, ransomware attackers are still gaining a foothold in organizations by exploiting …
How to choose secure, verifiable technologies?
The Australian Signals Directorate’s Australian Cyber Security Centre (ASD’s ACSC) has published a guidance document titled Choosing Secure and Verifiable Technologies, …
How LockBit used Citrix Bleed to breach Boeing and other targets
CVE-2023-4966, aka “Citrix Bleed”, has been exploited by LockBit 3.0 affiliates to breach Boeing’s parts and distribution business, and “other trusted …
Top 12 vulnerabilities routinely exploited in 2022
Cybersecurity agencies from member countries of the Five Eyes intelligence alliance have released a list of the top 12 vulnerabilities routinely exploited in 2022, plus 30 …
SimSpace collaborates with ACSC to provide cyber range exercises for organizations
SimSpace announced that the company is partnering with the Advanced Cyber Security Center (ACSC), New England’s non-profit committed to advancing collaborative defense for its …
Featured news
Resources
Don't miss
- Claude helps researcher dig up decade-old Apache ActiveMQ RCE vulnerability (CVE-2026-34197)
- Acrobat Reader zero-day exploited in the wild for many months
- AI agent intent is a starting point, not a security strategy
- Asqav: Open-source SDK for AI agent governance
- BlueHammer: Windows zero-day exploit leaked