Critical Security Update: SolarWinds Remediates Multiple Serv-U Vulnerabilities
SolarWinds has issued an urgent security update for its Serv-U file transfer software, patching three critical remote code execution (RCE)…
Security
Weekly Update 479
Presently sponsored by: 1Password Extended Access Management: Secure every sign-in for every app on every device. I gave up on…
Friday Squid Blogging: New “Squid” Sneaker
I did not know Adidas sold a sneaker called “Squid.” As usual, you can also use this squid post to…
More on Rewiring Democracy
It’s been a month since Rewiring Democracy: How AI Will Transform Our Politics, Government, and Citizenship was published. From what…
AI as Cyberattacker
From Anthropic: In mid-September 2025, we detected suspicious activity that later investigation determined to be a highly sophisticated espionage campaign.…
APIs Are the Retail Engine: How to Secure Them This Black Friday
Can you ever imagine the impact on your business if it went offline on Black Friday or Cyber Monday due…
WrtHug Abuse of ASUS WRT Vulnerabilities Exposes Thousands of EoL Routers
Operation WrtHug refers to a widespread compromise of end-of-life (EoL) ASUS routers, where attackers exploit previously disclosed vulnerabilities to gain…
7-Zip Users at Risk: Symbolic Link Vulnerability Triggers RCE Attacks
A security vulnerability in the widely used 7-Zip file archiver has recently come under active exploitation. The flaw, identified as…
CVE-2025-13223: The Chrome Vulnerability You Can’t Afford to Ignore
Heads up, Chrome users! An actively exploited zero-day vulnerability, CVE-2025-13223, has been identified in Google Chrome’s V8 JavaScript and WebAssembly…
Scam USPS and E-Z Pass Texts and Websites
Google has filed a complaint in court that details the scam: In a complaint filed Wednesday, the tech giant accused…