CERT-UA warns of UAC-0099 phishing attacks targeting Ukraine’s defense sector

Ukraine’s CERT-UA warns of phishing attacks by UAC-0099 targeting defense sectors, using malware like MATCHBOIL, MATCHWOK, and DRAGSTARE. Ukraine’s CERT-UA warns of phishing attacks by threat actor UAC-0099 targeting... Read more »

Over 100 Dell models exposed to critical ControlVault3 firmware bugs

ReVault flaws in Dell ControlVault3 firmware allow firmware implants and Windows login bypass on 100+ laptop models via physical access. Cisco Talos reported five vulnerabilities collectively named ReVault (tracked... Read more »

How CTEM Boosts Visibility and Shrinks Attack Surfaces in Hybrid and Cloud Environments

CTEM is a continuous strategy that assesses risk from an attacker’s view, helping orgs prioritize threats across cloud and hybrid environments. The attack surface has exploded. Between multi-cloud deployments,... Read more »

WhatsApp cracks down on 6.8M scam accounts in global takedown

WhatsApp removed 6.8M accounts linked to global scam centers, mainly in Cambodia, in a crackdown with Meta and OpenAI. Meta announced that WhatsApp has removed 6.8 million accounts tied... Read more »

Trend Micro fixes two actively exploited Apex One RCE flaws

Trend Micro patched two critical Apex One flaws (CVE-2025-54948, CVE-2025-54987) exploited in the wild, allowing RCE via console injection. Trend Micro released fixes for two critical vulnerabilities, tracked as... Read more »

Google fixed two Qualcomm bugs that were actively exploited in the wild

Google addressed multiple Android flaws, including two Qualcomm vulnerabilities that were actively exploited in the wild. Google released security updates to address multiple Android vulnerabilities, including two Qualcomm flaws,... Read more »

U.S. CISA adds D-Link cameras and Network Video Recorder flaws to its Known Exploited Vulnerabilities catalog

U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds D-Link cameras and Network Video Recorder flaws to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added... Read more »

Zero Day Quest returns: Microsoft ups the stakes with $5M bug bounty

Microsoft offers up to $5M for Zero Day Quest 2026 bug hacking contest; top researchers join live hacking event after fall 2025 submissions. Microsoft is bringing back its live... Read more »

Cisco disclosed a CRM data breach via vishing attack

Cisco disclosed CRM data breach via vishing attack; basic user info was exposed, but no sensitive data or systems were compromised Cisco has confirmed a data breach involving a... Read more »

Exposed Without a Breach: The Cost of Data Blindness

These are in plain sight without a Breach. No ransomware. No compromise. Just misconfigured systems, overpermissioned users, silent access. When we think of a breach, we imagine firewalls failing,... Read more »
Subscribe to our Newsletter