Patch Tuesday: Microsoft Fixes 57 Security Flaws – Including Active Zero-Days

Microsoft’s March 2025 Patch Tuesday includes six actively exploited zero-day vulnerabilities. Learn about the critical vulnerabilities and why immediate updates are essential. Read more »

Goodbye passwords? Enterprises ramping up passkey adoption

87% of companies have, or are in the midst of, rolling out passkeys with goals tied to improved user experience, enhanced security, and compliance, according to the FIDO Alliance.... Read more »

Hackers Use ClickFix Trick to Deploy PowerShell-Based Havoc C2 via SharePoint Sites

Cybersecurity researchers are calling attention to a new phishing campaign that employs the ClickFix technique to deliver an open-source command-and-control (C2) framework called Havoc. “The threat actor hides each... Read more »

NIST selects HQC as backup algorithm for post-quantum encryption

Last year, NIST standardized a set of encryption algorithms that can keep data secure from a cyberattack by a future quantum computer. Now, NIST has selected a backup algorithm... Read more »

New Ballista Botnet spreads using TP-Link flaw. Is it an Italian job?

The Ballista botnet is exploiting an unpatched TP-Link vulnerability, targeting over 6,000 Archer routers, Cato CTRL researchers warn. Cato CTRL researchers observed a new botnet, called Ballista botnet, which... Read more »

iPhone, iPad update fixes critical WebKit flaw

Read more »

NetBird: Open-source network security

NetBird is an open-source solution that integrates a configuration-free peer-to-peer private network with centralized access control, providing a single platform to build secure private networks for your organization or... Read more »

Burnout in cybersecurity: How CISOs can protect their teams (and themselves)

Cybersecurity is a high-stakes, high-pressure field in which CISOs and their teams constantly battle threats, compliance requirements, and business expectations. The demand for 24/7 vigilance, sophisticated attacks, and a... Read more »

Defending against EDR bypass attacks

EDR bypass and killer attacks are surging, yet many organizations continue to overlook this threat while they have become over-reliant on this security tool – particularly when preventing ransomware.... Read more »

Apple fixed the third actively exploited zero-day of 2025

Apple addressed a zero-day vulnerability, tracked as CVE-2025-24201, that has been exploited in “extremely sophisticated” cyber attacks. Apple has released emergency security updates to address a zero-day vulnerability, tracked... Read more »
Subscribe to our Newsletter