​SonicWall is alerting customers of a critical security flaw impacting its Secure Mobile Access (SMA) 1000 Series appliances that it said has been likely exploited in the wild as a… Read More »SonicWall Urges Immediate Patch for Critical CVE-2025-23006 Flaw Amid Likely Exploitation

​Despite significant investments in advanced technologies and employee training programs, credential and user-based attacks remain alarmingly prevalent, accounting for 50-80% of enterprise breaches[1],[2]. While identity-based attacks continue to dominate as… Read More »How to Eliminate Identity-Based Threats

​Cybersecurity researchers have disclosed details of a new BackConnect (BC) malware that has been developed by threat actors linked to the infamous QakBot loader. “BackConnect is a common feature or… Read More »QakBot-Linked BC Malware Adds Enhanced DNS Tunneling and Remote Access Features

​Cisco has released software updates to address a critical security flaw impacting Meeting Management that could permit a remote, authenticated attacker to gain administrator privileges on susceptible instances. The vulnerability,… Read More »Cisco Fixes Critical Privilege Escalation Flaw in Meeting Management (CVSS 9.9)

​Google on Wednesday shed light on a financially motivated threat actor named TRIPLESTRENGTH for its opportunistic targeting of cloud environments for cryptojacking and on-premise ransomware attacks. “This actor engaged in… Read More »TRIPLESTRENGTH Hits Cloud for Cryptojacking, On-Premises Systems for Ransomware

​The new Trump administration has terminated all memberships of advisory committees that report to the Department of Homeland Security (DHS).  “In alignment with the Department of Homeland Security’s (DHS) commitment… Read More »Trump Terminates DHS Advisory Committee Memberships, Disrupting Cybersecurity Review

​Threat actors are exploiting an unspecified zero-day vulnerability in Cambium Networks cnPilot routers to deploy a variant of the AISURU botnet called AIRASHI to carry out distributed denial-of-service (DDoS) attacks.… Read More »Hackers Exploit Zero-Day in cnPilot Routers to Deploy AIRASHI DDoS Botnet

​U.S. President Donald Trump on Tuesday granted a “full and unconditional pardon” to Ross Ulbricht, the creator of the infamous Silk Road drug marketplace, after spending 11 years behind bars.… Read More »President Trump Pardons Silk Road Creator Ross Ulbricht After 11 Years in Prison

​As GenAI tools and SaaS platforms become a staple component in the employee toolkit, the risks associated with data exposure, identity vulnerabilities, and unmonitored browsing behavior have skyrocketed. Forward-thinking security… Read More »Discover Hidden Browsing Threats: Free Risk Assessment for GenAI, Identity, Web, and SaaS Risks

​A previously undocumented China-aligned advanced persistent threat (APT) group named PlushDaemon has been linked to a supply chain attack targeting a South Korean virtual private network (VPN) provider in 2023,… Read More »PlushDaemon APT Targets South Korean VPN Provider in Supply Chain Attack