Week in review: LLM package hallucinations harm supply chains, Nagios Log Server flaws fixed

Here’s an overview of some of last week’s most interesting news, articles, interviews and videos: Apple plugs zero-day holes used in targeted iPhone attacks (CVE-2025-31200, CVE-2025-31201) Apple has released emergency security updates for iOS/iPadOS, …

Week in review: Microsoft patches exploited Windows CLFS 0-day, WinRAR MotW bypass flaw fixed

Here’s an overview of some of last week’s most interesting news, articles, interviews and videos: Microsoft fixes actively exploited Windows CLFS zero-day (CVE-2025-29824) April 2025 Patch Tuesday is here, and Microsoft has delivered fixes for 120+ vul…

Week in review: Probing activity on Palo Alto Networks GlobalProtect portals, Patch Tuesday forecast

Here’s an overview of some of last week’s most interesting news, articles, interviews and videos: Attackers are probing Palo Alto Networks GlobalProtect portals Cybersecurity company GreyNoise is warning about a significant increase of scanning activit…

Week in review: Chrome sandbox escape 0-day fixed, Microsoft adds new AI agents to Security Copilot

Here’s an overview of some of last week’s most interesting news, articles, interviews and videos: Microsoft’s new AI agents take on phishing, patching, alert fatigue Microsoft is rolling out a new generation of AI agents in Security Copilot, built to h…

Week in review: Veeam Backup & Replication RCE fixed, free file converter sites deliver malware

Here’s an overview of some of last week’s most interesting news, articles, interviews and videos: Critical Veeam Backup & Replication RCE vulnerability fixed, patch ASAP! (CVE-2025-23120) Veeam has released fixes for a critical remote code executi…

Week in review: NIST selects HQC for post-quantum encryption, 10 classic cybersecurity books

Here’s an overview of some of last week’s most interesting news, articles, interviews and videos: NIST selects HQC as backup algorithm for post-quantum encryption Last year, NIST standardized a set of encryption algorithms that can keep data secure fro…

Week in review: How QR code attacks work and how to protect yourself, 10 must-reads for CISOs

Here’s an overview of some of last week’s most interesting news, articles, interviews and videos: How QR code attacks work and how to protect yourself While QR codes are convenient, they also present significant risks. In the past few years, cybercrimi…

Week in review: Botnet hits M365 accounts, PoC for Ivanti Endpoint Manager vulnerabilities released

Here’s an overview of some of last week’s most interesting news, articles, interviews and videos: Massive botnet hits Microsoft 365 accounts A recently discovered botnet of over 130,000 compromised devices is launching coordinated password-spraying att…

Week in review: PostgreSQL 0-day exploited in US Treasury hack, top OSINT books to learn from

Here’s an overview of some of last week’s most interesting news, articles, interviews and videos: A PostgreSQL zero-day was also exploited in US Treasury hack (CVE-2025-1094) The suspected Chinese state-sponsored hackers who breached workstations of se…

Week in review: Microsoft fixes two actively exploited 0-days, PAN-OS auth bypass hole plugged

Here’s an overview of some of last week’s most interesting news, articles, interviews and videos: Microsoft fixes two actively exploited zero-days (CVE-2025-21418, CVE-2025-21391) February 2025 Patch Tuesday is here, and Microsoft has delivered fixes f…