Chinese AI platform DeepSeek faced a “large-scale” cyberattack

Chinese AI company DeepSeek has disabled registrations for its DeepSeek-V3 chat platform following a “large-scale” cyberattack. DeepSeek has designed a new AI platform that quickly gained attention over the... Read more »

Compliance Scorecard Version 7 simplifies compliance management for MSPs

Compliance Scorecard released Compliance Scorecard Version 7. This latest release is designed to seamlessly integrate compliance into cybersecurity offerings, delivering new features that simplify and enhance compliance management for... Read more »

BloodyAD: Open-source Active Directory privilege escalation framework

BloodyAD is an open-source Active Directory privilege escalation framework that uses specialized LDAP calls to interact with domain controllers. It enables various privilege escalation techniques within Active Directory environments.... Read more »

74% of CISOs are increasing crisis simulation budgets

In the aftermath of 2024’s high-profile cybersecurity incidents, including NHS, CrowdStrike, 23andMe, Transport for London, and Cencora, CISOs are reassessing their organisation’s readiness to manage a potential “chaos” of... Read more »

Cybersecurity jobs available right now: January 28, 2025

Application Security Engineer Bumble | United Kingdom | Hybrid – View job details As an Application Security Engineer, you will design and implement security testing tools within CI/CD pipelines... Read more »

Meta’s Llama Framework Flaw Exposes AI Systems to Remote Code Execution Risks

A high-severity security flaw has been disclosed in Meta’s Llama large language model (LLM) framework that, if successfully exploited, could allow an attacker to execute arbitrary code on the... Read more »

Apple fixed the first actively exploited zero-day of 2025

Apple addressed the first zero-day vulnerability of 2025, which is actively exploited in attacks in the wild aimed at iPhone users. Apple released security updates to address 2025’s first... Read more »

TalkTalk confirms data breach involving a third-party platform

UK telecommunications firm TalkTalk disclosed a data breach after a threat actor announced the hack on a cybercrime forum. UK telecommunications company TalkTalk confirmed a data breach after a... Read more »

5,000+ SonicWall firewalls still open to attack (CVE-2024-53704)

5,000+ SonicWall firewalls are still vulnerable to attack via a high-severity vulnerability (CVE-2024-53704) that, according to SonicWall, should be considered “at imminent risk of exploitation”. The warning came last... Read more »

Multiple Git flaws led to credentials compromise

Vulnerabilities in the Git credential retrieval protocol could have allowed threat actors to access user credentials. Security researcher RyotaK from GMO Flatt Security Inc discovered multiple vulnerabilities in the... Read more »
Subscribe to our Newsletter