U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds OracSKYSEA Client View, Rapid7 Velociraptor, Microsoft Windows, and IGEL OS flaws to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and... Read more »

Spanish fashion retailer MANGO disclosed a data breach after a marketing vendor compromise exposed customer personal information. Mango is a global fashion brand founded in Barcelona in 1984, it... Read more »

Resecurity’s new report details how the Qilin RaaS group relies on global bulletproof hosting networks to support its extortion operations. The following new report by Resecurity will explore the... Read more »

F5 disclosed that a sophisticated nation-state actor breached its systems, stealing BIG-IP source code and data on undisclosed product vulnerabilities. Cybersecurity firm F5 disclosed that a highly sophisticated nation-state... Read more »

About 200K Linux systems from Framework shipped with signed UEFI components vulnerable to Secure Boot bypass, allowing bootkit installation and persistence. Firmware security company Eclypsium warns that about 200,000... Read more »

SAP addressed 13 new flaws, including a maximum severity vulnerability in SAP NetWeaver, which could lead to arbitrary command execution. SAP addressed 13 new vulnerabilities, including a maximum severity issue, tracked... Read more »

China-linked cyberespionage group Flax Typhoon hijacked an ArcGIS system for over a year and used it as a backdoor. China-linked APT group Flax Typhoon (aka Ethereal Panda or RedJuliett)... Read more »

Researchers found nearly half of geostationary satellites leak unencrypted data, exposing consumer, corporate, and military communications. A group of researchers from UC San Diego and the University of Maryland... Read more »

A botnet of 100K+ IPs from multiple countries is attacking U.S. RDP services in a campaign active since October 8. GreyNoise researchers uncovered a large-scale botnet that is targeting... Read more »