News

SecurityWeek2d
Rising Tides: Bryson Bort on Cyber Entrepreneurship and the Needed Focus on Critical Infrastructure
Interview with Bryson Bort, CEO/Founder of SCYTHE and co-founder of ICS Village, a non-profit building awareness for critical ...
SecurityWeek2d
China Admitted to Volt Typhoon Cyberattacks on US Critical Infrastructure: Report
In a secret meeting between Chinese and US officials, the former confirmed conducting cyberattacks on US infrastructure.
SecurityWeek1d
Rapid7 Reveals RCE Path in Ivanti VPN Appliance After Silent Patch Debacle
The CVE-2025-22457 has already been exploited by a China-nexus hacking gang notorious for breaking into edge network devices.
SecurityWeek2d
SonicWall Patches High-Severity Vulnerability in NetExtender
SonicWall has released fixes for three vulnerabilities in NetExtender for Windows, including a high-severity bug.
SecurityWeek2d
Vulnerability in OttoKit WordPress Plugin Exploited in the Wild
A vulnerability in the OttoKit WordPress plugin with over 100,000 active installations has been exploited in the wild.
SecurityWeek5d
WhatsApp Vulnerability Could Facilitate Remote Code Execution
An update for the WhatsApp desktop app for Windows patches CVE-2025-30401, a spoofing vulnerability that could be used to ...
SecurityWeek3d
Trump Revokes Security Clearance for Ex-CISA Director Chris Krebs
Trump orders a termination of any active security clearances held by Krebs and a suspension of clearances held by individuals ...
SecurityWeek3d
Study Identifies 20 Most Vulnerable Connected Devices of 2025
Routers are the riskiest devices in enterprise networks as they contain the most critical vulnerabilities, a new Forescout ...
SecurityWeek3d
Groucho’s Wit, Cloud Complexity, and the Case for Consistent Security Policy
Indeed, the new class of solutions dedicated to simplifying complexity in hybrid and multi-cloud environments gives hope that ...
SecurityWeek5d
Exploited Vulnerability Puts 5,000 Ivanti VPN Appliances at Risk
More than 5,000 Ivanti Connect Secure appliances are vulnerable to attacks exploiting CVE-2025-22457, which has been used by ...
SecurityWeek2d
‘AkiraBot’ Spammed 80,000 Websites With AI-Generated Messages
CAPTCHA-evading Python framework AkiraBot has spammed over 80,000 websites with AI-generated spam messages. A newly ...
SecurityWeek5d
PCI DSS 4.0.1: A Cybersecurity Blueprint by the Industry, for the Industry
PCI DSS 4.0.1 is a major new version but remains true to the council’s principles and focuses on 'What' Matters in ...