Juniper Session Smart Routers Vulnerability Could Let Attackers Bypass Authentication
Juniper Networks has released security updates to address a critical security flaw impacting Session Smart Router, Session Smart Conductor, and…
CVE-2025-1094 Exploitation, a Critical SQL Injection Vulnerability in PostgreSQL That Can Lead to Arbitrary Code Execution
A novel PostgreSQL flaw, CVE-2025-1094, has hit the headlines. Defenders recently revealed that attackers responsible for weaponizing a BeyondTrust zero-day…
Story About Medical Device Security
Ben Rothke relates a story about me working with a medical device firm back when I was with BT. I…
Debunking the AI Hype: Inside Real Hacker Tactics
Is AI really reshaping the cyber threat landscape, or is the constant drumbeat of hype drowning out actual, more tangible,…
Winnti APT41 Targets Japanese Firms in RevivalStone Cyber Espionage Campaign
The China-linked threat actor known as Winnti has been attributed to a new campaign dubbed RevivalStone that targeted Japanese companies…
Hackers Exploit CAPTCHA Trick on Webflow to Deliver Phishing Attacks
In today’s ever evolving cyber threat landscape, attackers are finding innovative ways to bypass traditional security measures. One recent method…
What is Cloud Security?
Cloud security encompasses the technologies, policies, controls, and services that protect cloud-based systems, data, and infrastructure. It provides a framework…
Xerox VersaLink C7025 Multifunction printer flaws may expose Windows Active Directory credentials to attackers
Xerox VersaLink C7025 Multifunction printer flaws could allow attackers to capture authentication credentials via pass-back attacks via LDAP and SMB/FTP…
New Xerox Printer Flaws Could Let Attackers Capture Windows Active Directory Credentials
Security vulnerabilities have been disclosed in Xerox VersaLink C7025 Multifunction printers (MFPs) that could allow attackers to capture authentication credentials…
New XCSSET macOS malware variant used in limited attacks
Microsoft discovered a new variant of the Apple macOS malware XCSSET that was employed in limited attacks in the wild.…