Security Intelligence

CISA warns of exploited flaw in DELMIA Apriso manufacturing software

CISA warns of active exploitation of CVE-2025-5086 in DELMIA Apriso. Critical RCE flaw threatens manufacturing and OT...

Security Intelligence

Akira ransomware campaign against SonicWall: 2 new attack vectors seen

Akira ransomware now exploits two new SonicWall attack vectors: SSLVPN Default Users Group and Virtual Office Portal...

Security Intelligence

September 2025 Patch Tuesday updates for Microsoft

Microsoft’s September 2025 Patch Tuesday fixes 86 flaws, including SMB and Newtonsoft.Json zero days. Learn what’s...

Security Intelligence

Developer Identity Used as Entry Point for npm Supply Chain Attack

npm supply chain attack shows rising phishing risks: compromised maintainer accounts inject malware, highlighting need...

Security Intelligence

Critical vulnerability affecting Argo CD API publicly disclosed

Researchers publicly disclosed a critical vulnerability in Argo CD, a Kubernetes-native continuous deployment tool...

Security Intelligence

WhatsApp vulnerability exploited in targeted zero-click attacks

Learn about CVE-2025-55177, a WhatsApp zero-click flaw added to CISA’s KEV catalog. See its impact on iOS and Mac users...

Security Intelligence

Sitecore vulnerabilities chained into pre-auth remote code execution

Researchers detail critical Sitecore flaws enabling remote code execution. Enterprises urged to patch immediately.

Security Intelligence

Threat actors target Salesforce instances via Salesloft Drift integration

Google warns of OAuth token abuse in Drift-Salesforce integrations, with attackers exfiltrating AWS keys, Snowflake...

Security Intelligence

Sangoma FreePBX warns of active exploitation of unpatched vulnerability

Sangoma warns of active FreePBX zero-day exploits. Restrict ACP access, apply EDGE update, and monitor for patches to...

Security Intelligence

Citrix’s August NetScaler patches include actively exploited zero-day

Citrix patches critical NetScaler ADC & Gateway flaws, including an exploited zero-day. Admins urged to update on-prem...

Security Intelligence

CISA confirms active exploitation of Git vulnerability

CISA adds Git CVE-2025-48384 to KEV list. Actively exploited flaw risks supply chain attacks on macOS/Linux. Patch Git...

Security Intelligence

PolarEdge: The evolution of persistent residential proxy infrastructure

PolarEdge botnet grows to 40,000+ IoT and edge devices, exploiting routers and firewalls to build stealthy residential...