Collaborate Disseminate
A set of firmware vulnerabilities affecting 100+ Dell laptop models widely used in government settings and by the cybersecurity industry could allow attackers to achieve persistent access even across Windows reinstalls, Cisco Talos researchers have dis… Continue reading Millions of Dell laptops could be persistently backdoored in ReVault attacks
Microsoft is working on a AI agent whose main goal is autonomous malware detection and the prototype – dubbed Project Ire – is showing great potential, the company has announced on Tuesday. Tested on a dataset of known malicious and benign … Continue reading Project Ire: Microsoft’s autonomous malware detection AI agent
Attackers wielding the Akira ransomware and possibly a zero-day exploit have been spotted targeting SonicWall firewalls since July 15, 2025. “In the intrusions reviewed, multiple pre-ransomware intrusions were observed within a short period of ti… Continue reading SonicWall firewalls targeted in ransomware attacks, possibly via zero-day
One of the groups that, in the past few weeks, has been exploiting vulnerabilities in on-prem SharePoint installation has been observed deploying Warlock ransomware, Microsoft shared on Wednesday. First attack spotted on July 7th On Saturday, Microsoft… Continue reading Storm-2603 spotted deploying ransomware on exploited SharePoint servers
Sonicwall is asking customers running specific Secure Mobile Access (SMA) 100 Series devices to patch a newly uncovered vulnerability (CVE-2025-40599) as soon as possible. “While there is currently no evidence that this vulnerability is being act… Continue reading Sonicwall fixes critical flaw in SMA appliances, urges customers to check for compromise (CVE-2025-40599)
With the latest Windows 11 update, Microsoft is saying goodbye to the infamous “Blue Screen of Death” and has enabled the quick machine recovery feature by default for Home users. “For nearly four decades, the blue screen shown during… Continue reading Microsoft rolls out Windows 11 “quick recovery” feature
One or more vulnerabilities affecting Cisco Identity Services Engine (ISE) are being exploited in the wild, Cisco has confirmed by updating the security advisory for the flaws. About the vulnerabilities The three vulnerabilities affect Cisco’s Id… Continue reading Maximum severity Cisco ISE vulnerabilities exploited by attackers
As Microsoft continues to update its customer guidance for protecting on-prem SharePoint servers against the latest in-the-wild attacks, more security firms have begun sharing details about the ones they have detected. Most intriguingly, Check Point Re… Continue reading Microsoft pins on-prem SharePoint attacks on Chinese threat actors
Unknown attackers have exploited a vulnerability (CVE-2025‑54309) in the CrushFTP enterprise file-transfer server solution to gain administrative access to vulnerable deployments. It’s currently unclear what the attackers are using this access fo… Continue reading Critical CrushFTP vulnerability exploited. Have you been targeted? (CVE-2025-54309)
Attackers are exploiting a zero-day variant (CVE-2025-53770) of a SharePoint remote code execution vulnerability (CVE-2025-49706) that Microsoft patched earlier this month, the company has confirmed on Saturday. CVE-2025-53770 is being leveraged to pla… Continue reading Microsoft SharePoint servers under attack via zero-day vulnerability with no patch (CVE-2025-53770)