A critical WatchGuard Fireware flaw could allow unauthenticated code execution

A critical WatchGuard Fireware vulnerability, tracked as CVE-2025-9242, could allow unauthenticated code execution. Researchers revealed details of a critical vulnerability, tracked as CVE-2025-9242 (CVSS score of 9.3), in WatchGuard... Read more »

Hackers used Cisco zero-day to plant rootkits on network switches (CVE-2025-20352)

Threat actors have leveraged a recently patched IOS/IOS XE vulnerability (CVE-2025-20352) to deploy Linux rootkits on vulnerable Cisco network devices. “The operation targeted victims running older Linux systems that... Read more »

Prosper disclosed a data breach impacting 17.6 million accounts

Threat actors stole personal data, including names, IDs, and financial details from Prosper, affecting over 17M users. Prosper is a U.S.-based peer-to-peer lending platform that connects individual borrowers with... Read more »

Microsoft revokes 200+ certificates abused by Vanilla Tempest in fake Teams campaign

Microsoft revoked 200+ certificates used by Vanilla Tempest to sign fake Teams installers spreading Oyster backdoor and Rhysida ransomware. Microsoft revoked over 200 certificates used by the cybercrime group... Read more »

Microsoft revokes 200 certs used to sign malicious Teams installers

By revoking 200 software-signing certificates, Microsoft has hampered the activities of Vanilla Tempest, a ransomware-wielding threat actor that has been targeting organizations with malware posing as Microsoft Teams. “In... Read more »

Microsoft’s Patch Tuesday: 172 Flaws Fixed

The tech titan is addressing 172 security flaws, including six zero-day vulnerabilities. Among these, eight are rated “Critical,” consisting of five remote code execution bugs and three elevation of... Read more »

PowerSchool hacker got four years in prison

Matthew D. Lane, a Massachusetts student, got four years in prison for hacking and extorting $3M from PowerSchool and another company. A Massachusetts student, Matthew D. Lane, was sentenced... Read more »

Auction house Sotheby’s disclosed a July data breach

Sotheby’s reported a July 24 breach exposing customer and financial data; it took two months to assess the stolen information and affected individuals. Sotheby’s reported a data breach that... Read more »

Censys ICS/OT solution closes visibility gaps and secures exposed industrial systems

Censys announced the release of a new ICS/OT Internet intelligence offering designed to close the visibility gap defenders face when securing exposed industrial assets. From energy and manufacturing to... Read more »

Levo.ai platform unifies AI security and compliance from development to runtime

Levo.ai has released its Unified AI Security Platform, designed to secure AI applications from development to runtime. The platform unifies five modules under a single control plane, enabling enterprises... Read more »
Subscribe to our Newsletter