All Recent Posts

Internet Security

Qantas cuts executive bonuses by 15% after a July data breach

September 6, 2025 add comment
Qantas cuts executive bonuses by 15% after a July cyberattack exposed data of 5.7M people, despite reporting $1.5B profit last fiscal year. Qantas cuts executive bonuses by 15% after... Read more »
Internet Security

MeetC2 – A serverless C2 framework that leverages Google Calendar APIs as a communication channel

September 6, 2025 add comment
MeetC2 is a PoC C2 tool using Google Calendar to mimic cloud abuse, helping teams test detection, logging, and response. Background: Modern adversaries increasingly hide command-and-control (C2) traffic inside cloud... Read more »

CISA Orders Immediate Patch of Critical Sitecore Vulnerability Under Active Exploitation

September 6, 2025 add comment
Federal Civilian Executive Branch (FCEB) agencies are being advised to update their Sitecore instances by September 25, 2025, following the discovery of a security flaw that has come under... Read more »
Internet Security

Critical SAP S/4HANA flaw CVE-2025-42957 under active exploitation

September 5, 2025 add comment
Experts warn of an actively exploited vulnerability, tracked as CVE-2025-42957 (CVSS score: 9.9), in SAP S/4HANA software. A critical command injection vulnerability, tracked as CVE-2025-42957 (CVSS score of 9.9), in SAP... Read more »

Firewall Bug Under Active Attack Triggers CISA Warning

September 5, 2025 add comment
CISA is warning that Palo Alto Networks’ PAN-OS is under active attack and needs to be patched ASAP. Read more »

Someone Created the First AI-Powered Ransomware Using OpenAI’s gpt-oss:20b Model

September 5, 2025 add comment
Cybersecurity company ESET has disclosed that it discovered an artificial intelligence (AI)-powered ransomware variant codenamed PromptLock. Written in Golang, the newly identified strain uses the gpt-oss:20b model from OpenAI... Read more »
Security of TechRepublic

Cybercriminals ‘Grok’ Their Way Past X’s Defenses to Spread Malware

September 5, 2025 add comment
Hackers exploit X’s Grok AI to spread malware via promoted ads, exposing millions to malicious links in a scheme researchers call “Grokking.” Read more »
Internet Security

U.S. CISA adds Sitecore, Android, and Linux flaws to its Known Exploited Vulnerabilities catalog

September 5, 2025 add comment
U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds Sitecore, Android, and Linux flaws to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added Sitecore, Android,... Read more »
Help Net Security

Attackers are exploiting critical SAP S/4HANA vulnerability (CVE-2025-42957)

September 5, 2025 add comment
A critical vulnerability (CVE-2025-42957) in SAP S/4HANA enterprise resource planning software is being exploited by attackers “to a limited extent”, the Dutch National Cyber Security Center (NCSC NL) has... Read more »
Help Net Security

Stealthy attack serves poisoned web pages only to AI agents

September 5, 2025 add comment
AI agents can be tricked into covertly performing malicious actions by websites that are hidden from regular users’ view, JFrog AI architect Shaked Zychlinski has found. This novel approach... Read more »
Subscribe to our Newsletter