Please turn on your JavaScript for this page to function normally.
Ivanti
Ivanti VPN customers targeted via unrecognized RCE vulnerability (CVE-2025-22457)

A suspected Chinese APT group has exploited CVE-2025-22457 – a buffer overflow bug that was previously thought not to be exploitable – to compromise appliances …

Ivanti
CISA reveals new malware variant used on compromised Ivanti Connect Secure devices

CISA has released indicators of compromise, detection signatures, and updated mitigation advice for rooting out a newly identified malware variant used by the attackers who …

Biohazard
AI will make ransomware even more dangerous

Ransomware is the top predicted threat for 2025, which is especially concerning given 38% of security professionals say ransomware will become even more dangerous when powered …

patch tuesday
March 2025 Patch Tuesday forecast: A return to normalcy

The February Patch Tuesday updates and activity during the month marked a return to normalcy for patch management. Following the January updates addressing 100+ …

Ivanti
PoC exploit for Ivanti Endpoint Manager vulnerabilities released (CVE-2024-13159)

A proof-of-concept (PoC) exploit for four critical Ivanti Endpoint Manager vulnerabilities has been released by Horizon3.ai researchers. The vulnerabilities – …

Patch Tuesday
February 2025 Patch Tuesday forecast: New directions for AI development

February 2025 Patch Tuesday is now live: Microsoft fixes two actively exploited zero-days (CVE-2025-21418, CVE-2025-21391) The new year has started with a whirlwind of …

CISO
CISOs are juggling security, responsibility, and burnout

This article gathers excerpts from multiple reports, presenting statistics and insights that may be valuable for CISOs, helping them with informed decision-making, risk …

Ivanti
UK domain registry Nominet breached via Ivanti zero-day

The number of internet-facing Ivanti Connect Secure instances vulnerable to attack via CVE-2025-0282 has fallen from 2,048 to 800 in the last four days, the Shadowserver …

Patch Tuesday
January 2025 Patch Tuesday forecast: Changes coming in cybersecurity guidance

January 2025 Patch Tuesday is now live: Microsoft fixes actively exploited Windows Hyper-V zero-day flaws Welcome to 2025 and a new year of patch excitement! In my December …

Ivanti
Ivanti Connect Secure zero-day exploited since mid-December (CVE-2025-0282)

The zero-day attacks leveraging the Ivanti Connect Secure (ICS) vulnerability (CVE-2025-0282) made public on Wednesday were first spotted in mid-December 2024, Mandiant …

Ivanti
Ivanti Connect Secure zero-day exploited by attackers (CVE-2025-0282)

NEW STORY: Thursday, January 9, 07:30 ET Ivanti Connect Secure zero-day exploited since mid-December (CVE-2025-0282) Ivanti has fixed two vulnerabilities affecting Ivanti …

Artificial intelligence
AI is becoming the weapon of choice for cybercriminals

This article highlights key findings from 2024 reports on AI and GenAI technologies, focusing on their potential and major challenges. Overreliance on GenAI to develop …

Don't miss

Cybersecurity news
Daily newsletter sent Monday-Friday
Weekly newsletter sent on Mondays
Editor's choice newsletter sent twice a month
Periodical newsletter released when there is breaking news
Weekly newsletter listing new cybersecurity job positions
Monthly newsletter focusing on open source cybersecurity tools