Latest News

Chinese APT UAT-7237 has been targeting Taiwanese web infrastructure for long-term access to high-value entities.

CodeSecCon is the premier virtual event bringing together developers and cybersecurity professionals to revolutionize the way applications are built, secured, and maintained.

Other noteworthy stories that might have slipped under the radar: Canada’s House of Commons hacked, Russia behind court system attack, Pennsylvania AG targeted in cyberattack.

With cybersecurity budgets strained, organizations are turning to AI-powered automation to plug staffing gaps, maintain defenses, and survive escalating threats.

Android pKVM has achieved SESIP Level 5 certification, which means it’s resistant to highly skilled, motivated, and funded attackers.

Rockwell Automation has published several advisories describing critical and high-severity vulnerabilities affecting its products.

Cisco has released over 20 advisories as part of its August 2025 bundled publication for ASA, FMC and FTD products.

Path traversal and XXE injection flaws allowing unauthenticated remote code execution have been patched in Xerox FreeFlow Core. 

CISA reported becoming aware of attacks exploiting CVE-2025-8875 and CVE-2025-8876 in N-able N-central on the day they were patched.

The new DDoS attack vector, which involves HTTP/2 implementation flaws, has been compared to Rapid Reset.

Researchers at enterprise browser security firm SquareX showed how an attacker can impersonate a user and bypass passkey security. 

During the April incident, hackers gained access to a digital system which remotely controls one of the dam’s valves and opened it to increase the water flow.

Intel, AMD and Nvidia have published security advisories describing vulnerabilities found recently in their products.

The RansomHub ransomware group stole sensitive information from staffing and recruiting firm Manpower in January.

Fortinet and Ivanti have published new security advisories for their August 2025 Patch Tuesday updates.