Please turn on your JavaScript for this page to function normally.
Russian flag
Sandworm APT’s initial access subgroup hits organizations accross the globe

A subgroup of Russia’s Sandworm APT has been working to achieve initial and persistent access to the IT networks of organizations working in economic sectors Russia is …

Palo Alto Networks
PAN-OS authentication bypass hole plugged, PoC is public (CVE-2025-0108)

Palo Alto Networks has fixed a high-severity authentication bypass vulnerability (CVE-2025-0108) in the management web interface of its next-gen firewalls, a proof-of-concept …

Apple
The UK’s secret iCloud backdoor request: A dangerous step toward Orwellian mass surveillance

The United Kingdom government has secretly requested that Apple build a backdoor into its iCloud service, granting the government unrestricted access to users’ private data. …

attack
Over 3 million Fortune 500 employee accounts compromised since 2022

More than three million employee-linked corporate accounts were compromised between 2022 and 2024 across Fortune 500 companies, according to Enzoic. This surge is fueled by …

database management
Making sense of database complexity

IT leaders are grappling with increasingly complex database environments. According to a new survey from Redgate, key concerns include protecting sensitive data, navigating …

supply chain
It’s time to secure the extended digital supply chain

Organizations’ increasing reliance on third-party software and services has created an environment with more vulnerabilities and harder-to-detect risks. Attackers know they …

SysReptor
SysReptor: Open-source penetration testing reporting platform

SysReptor is a customizable open-source penetration testing reporting platform built for pentesters, red teamers, and cybersecurity professionals. You can optimize your …

data breaches
Silent breaches are happening right now, most companies have no clue

The breaches and ransomware attacks of 2024 highlighted systemic vulnerabilities, demonstrating how third-party and fourth-party dependencies amplify risks across industries, …

AI
CEOs must act now to embrace AI or risk falling behind

While 4 out of 5 CEOs recognize AI’s potential, many worry gaps in their understanding will impact strategic decisions, risking missed opportunities and falling behind …

Patch Tuesday
Microsoft fixes two actively exploited zero-days (CVE-2025-21418, CVE-2025-21391)

February 2025 Patch Tuesday is here, and Microsoft has delivered fixes for 56 vulnerabilities, including two zero-days – CVE-2025-21418 and CVE-2025-21391 – under …

arrest
8Base ransomware group leaders arrested, leak site seized

The Thai police has arrested four individuals suspected of being the leaders of the 8Base ransomware group and of stealing approximately $16 million from 1,000+ victims they …

Apple
Apple fixes zero-day flaw exploited in “extremely sophisticated” attack (CVE-2025-24200)

Users of iPhones and iPads that run iOS/iPadOS 18 and iPadOS 17 are urged to implement the latest updates to plug a security feature bypass vulnerability (CVE-2025-24200) …

Don't miss

Cybersecurity news