Air France and KLM warn of a data breach exposing customer data via unauthorized access to a third-party platform. Air France and KLM reported a data breach after hackers... Read more »
CISA and Microsoft warn of CVE-2025-53786, a high-severity Exchange flaw allowing privilege escalation in hybrid cloud environments. CISA and Microsoft warn of a high-severity flaw, tracked as CVE-2025-53786, in... Read more »
Microsoft’s Project Ire uses AI to autonomously reverse engineer and classify software as malicious or benign. Microsoft announced Project Ire, an autonomous artificial intelligence (AI) system that can autonomously... Read more »
Ukraine’s CERT-UA warns of phishing attacks by UAC-0099 targeting defense sectors, using malware like MATCHBOIL, MATCHWOK, and DRAGSTARE. Ukraine’s CERT-UA warns of phishing attacks by threat actor UAC-0099 targeting... Read more »
ReVault flaws in Dell ControlVault3 firmware allow firmware implants and Windows login bypass on 100+ laptop models via physical access. Cisco Talos reported five vulnerabilities collectively named ReVault (tracked... Read more »
CTEM is a continuous strategy that assesses risk from an attacker’s view, helping orgs prioritize threats across cloud and hybrid environments. The attack surface has exploded. Between multi-cloud deployments,... Read more »
WhatsApp removed 6.8M accounts linked to global scam centers, mainly in Cambodia, in a crackdown with Meta and OpenAI. Meta announced that WhatsApp has removed 6.8 million accounts tied... Read more »
Trend Micro patched two critical Apex One flaws (CVE-2025-54948, CVE-2025-54987) exploited in the wild, allowing RCE via console injection. Trend Micro released fixes for two critical vulnerabilities, tracked as... Read more »
Google addressed multiple Android flaws, including two Qualcomm vulnerabilities that were actively exploited in the wild. Google released security updates to address multiple Android vulnerabilities, including two Qualcomm flaws,... Read more »
U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds D-Link cameras and Network Video Recorder flaws to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added... Read more »