Please turn on your JavaScript for this page to function normally.
Netscaler
Critical Citrix NetScaler bug fixed, upgrade ASAP! (CVE-2025-5777)

Citrix has fixed a critical vulnerability (CVE-2025-5777) in NetScaler ADC and NetScaler Gateway reminiscent of the infamous and widely exploited CitrixBleed flaw. The …

Android Enterprise new features
Android Enterprise update puts mobile security first

Google is rolling out new Android Enterprise features aimed at improving mobile security, IT management, and employee productivity. According to Zimperium’s 2025 Global Mobile …

Salesforce
Attackers fake IT support calls to steal Salesforce data

Over the past several months, a threat group has been actively breaching organizations’ Salesforce instances and exfiltrating customer and business data, Google Threat …

Microsoft Windows
Microsoft unveils “centralized” software update tool for Windows

Microsoft is looking to streamline the software updating process for IT admins and users by providing a Windows-native update orchestration platform, and to help organizations …

Windows Server
Unpatched Windows Server vulnerability allows full domain compromise

A privilege escalation vulnerability in Windows Server 2025 can be used by attackers to compromise any user in Active Directory (AD), including Domain Admins. “The …

Android devices secure access
Google strengthens secure enterprise access from BYOD Android devices

Google has introduced Device Trust from Android Enterprise, a new solution for making sure that private Android devices used for work are secure enough to access corporate …

backdoor
Compromised SAP NetWeaver instances are ushering in opportunistic threat actors

A second wave of attacks against the hundreds of SAP NetWeaver platforms compromised via CVE-2025-31324 is underway. “[The] attacks [are] staged by follow-on, …

SysAid
PoC exploit for SysAid pre-auth RCE released, upgrade quickly!

WatchTowr researchers have released a proof-of-concept (PoC) exploit that chains two vulnerabilities in SysAid On-Prem – the self-hosted version of the platform behind …

0-day exploits
44% of the zero-days exploited in 2024 were in enterprise solutions

In 2024, threat actors exploited 75 zero-days – i.e., vulnerabilities previously unknown to vendors, thus without a readily available patch – in a wide variety of …

cyber hygiene
What’s worth automating in cyber hygiene, and what’s not

Cyber hygiene sounds simple. Patch your systems, remove old accounts, update your software. But for large organizations, this gets messy fast. Systems number in the thousands. …

SAP
Critical SAP NetWeaver flaw exploited by suspected initial access broker (CVE-2025-31324)

CVE-2025-31324, a critical vulnerability in the SAP NetWeaver platform, is being actively exploited by attackers to upload malicious webshells to enable unauthorized file …

NTLM
Windows NTLM vulnerability exploited in multiple attack campaigns (CVE-2025-24054)

CVE-2025-24054, a Windows NTLM hash disclosure vulnerability that Microsoft has issued patches for last month, has been leveraged by threat actors in campaigns targeting …

Don't miss

Cybersecurity news
Daily newsletter sent Monday-Friday
Weekly newsletter sent on Mondays
Editor's choice newsletter sent twice a month
Periodical newsletter released when there is breaking news
Weekly newsletter listing new cybersecurity job positions
Monthly newsletter focusing on open source cybersecurity tools