Collaborate Disseminate
Every time cyber defenders and companies discover new ways to block intrusions, attackers change their tactics and find a way around the defenses. “Living off the Land” (LOTL) is a prime example: since many detection tools became good at fl… Continue reading Hackers love LOTL, this approach shuts them down
The cooperative agreement between the U.S. Cybersecurity and Infrastructure Security Agency (CISA) and the not-for-profit Center for Internet Security is ending today, the agency has announced on Monday, and CISA will take it upon itself to offer suppo… Continue reading CISA says it will fill the gap as some federal funding for MS-ISAC dries up
Western Digital has fixed a critical remote code execution vulnerability (CVE-2025-30247) in the firmware powering its My Cloud network-attached storage (NAS) devices, and has urged users to upgrade as soon as possible. About CVE-2025-30247 Western Dig… Continue reading Western Digital My Cloud NAS devices vulnerable to unauthenticated RCE (CVE-2025-30247)
Four hours or less: that’s how long it takes for Akira affiliates to break into organizations and deploy the ransomware on their systems, Arctic Wolf researchers have warned. Armed with SonicWall SSL VPN credentials stolen in earlier intrusions a… Continue reading Akira ransomware: From SonicWall VPN login to encryption in under four hours
CVE-2025-10035, a perfect CVSS 10.0 vulnerability in the Fortra GoAnywhere managed file transfer solution, has apparently been exploited in zero-day attacks before the patch was released on September 15, 2025. Evidence of in-the-wild exploitation revea… Continue reading Attackers exploited critical Fortra GoAnywhere flaw in zero-day attacks (CVE-2025-10035)
A widespread campaign aimed at breaching organizations via zero-day vulnerabilities in Cisco Adaptive Security Appliances (ASA) has been revealed by the US, UK, Canadian and Australian cybersecurity agencies. The suspected state-sponsored threat actor … Continue reading Cisco ASA zero-day vulnerabilities exploited in sophisticated attacks
Windows 10 users in the European Economic Area (EEA) will be able to receive extended security updates until October 14, 2026, without having to pay for them or to back up their settings, apps, or credentials to the Microsoft cloud. Microsoft backtrack… Continue reading European Windows 10 users get an additional year of free security updates
Cybercriminals are increasingly using AI-powered tools and (malicious) large language models to create convincing, error-free emails, deepfakes, online personas, lookalike/fake websites, and malware. There’s even been a documented instance of an … Continue reading Microsoft spots LLM-obfuscated phishing attack
Cisco has fixed 14 vulnerabilities in IOS and IOS XE software, among them CVE-2025-20352, a high-severity vulnerability that has been exploited in zero-day attacks. About CVE-2025-20352 Cisco IOS software can be found on older models of Cisco Catalyst … Continue reading Cisco fixes IOS/IOS XE zero-day exploited by attackers (CVE-2025-20352)
SolarWinds has fixed yet another unauthenticated remote code execution vulnerability (CVE-2025-26399) in Web Help Desk (WHD), its popular web-based IT ticketing and asset management solution. While the vulnerability is currently not being leveraged by … Continue reading SolarWinds fixes critical Web Help Desk RCE vulnerability (CVE-2025-26399)