Archive

NewsNews
Apache Tomcat CVE-2025-24813 Under Attack

Apache Tomcat CVE-2025-24813 Under Attack

Newsroom
Newsroom
NewsNews
CISA Warns of Supply Chain Compromise of tj-actions/changed-files GitHub Action

CISA Warns of Supply Chain Compromise of tj-actions/changed-files GitHub Action

Newsroom
Newsroom
NewsNews
+1+1
CISA Adds Apple CVE-2025-24201 to KEV Catalog

CISA Adds Apple CVE-2025-24201 to KEV Catalog

Newsroom
Newsroom
NewsletterNewsletter
🎓️ Vulnerable U | #107

🎓️ Vulnerable U | #107

CISA having a bad time, Microsoft and Google Threat Intel full of goodies this week, SSRF on the rise as per GreyNoise, and much more!

Matt Johansen
Matt Johansen
MicrosoftMicrosoft
+1+1
Microsoft Disrupts Huge Malvertising Campaign

Microsoft Disrupts Huge Malvertising Campaign

Newsroom
Newsroom
NewsletterNewsletter
🎓️ Vulnerable U | #106

🎓️ Vulnerable U | #106

US stand down against Russia, Microsoft intel on Silk Typhoon, Some spicy polymorphic malware, a super huge and instantly spun up botnet, and much more!

Matt Johansen
Matt Johansen
Mental HealthMental Health
High Pay, Low Respect: 60% of Cybersecurity Pros Want to Change Jobs

High Pay, Low Respect: 60% of Cybersecurity Pros Want to Change Jobs

Cybersecurity burnout is real—learn practical self-care tips, set boundaries, and build community support to protect your mental health in a high-stress industry.

Matt Johansen
Matt Johansen
NewsNews
Executives Receive Fake Snail Mail BianLian Ransomware Notes

Executives Receive Fake Snail Mail BianLian Ransomware Notes

Executives are receiving something strange from scammers claiming to be linked to the BianLian group: Fake ransomware letters delivered via snail mail

Newsroom
Newsroom
VulnerabilityVulnerability
+1+1
Microsoft Patches Critical RCE Flaw in Windows KDC Proxy

Microsoft Patches Critical RCE Flaw in Windows KDC Proxy

Microsoft has patched CVE-2024-43639, a critical remote code execution (RCE) vulnerability in Windows KDC Proxy.

Newsroom
Newsroom
IranIran
+1+1
Highly Targeted Polyglot Malware Campaign Hits UAE Aviation and Satellite Firms

Highly Targeted Polyglot Malware Campaign Hits UAE Aviation and Satellite Firms

A sophisticated cyber espionage campaign, dubbed UNK_CraftyCamel, is targeting aviation and satellite organizations in the UAE. Attackers use polyglot files, a custom Go-based backdoor (Sosano), and compromised business accounts to evade detection.

Newsroom
Newsroom
cybercrimecybercrime
+1+1
Notorious Spam Host "Prospero" Now Routing Through Kaspersky Lab Networks

Notorious Spam Host "Prospero" Now Routing Through Kaspersky Lab Networks

Prospero OOO, a major bulletproof hosting provider linked to malware and phishing operations, has started routing through Kaspersky Lab’s network. This shift raises concerns over cybersecurity risks and Kaspersky’s role.

Newsroom
Newsroom
JavaGhost Phishing Campaigns Exploit AWS Misconfigurations to Send Emails from Trusted Domains

JavaGhost Phishing Campaigns Exploit AWS Misconfigurations to Send Emails from Trusted Domains

A sophisticated phishing campaign is exploiting AWS misconfigurations to send emails from trusted domains using Amazon SES and WorkMail. Learn how attackers gain access, evade detection, and persist in compromised AWS environments.

Newsroom
Newsroom