SecurityWeek

Citrix has released patches for a critical vulnerability in NetScaler ADC and NetScaler Gateway exploited as a zero-day.

New research suggests more than 10,000 SaaS apps could remain vulnerable to a nOAuth variant despite the basic issue being disclosed in June 2023.

With end of support scheduled for October 2025, Windows 10 users will be able to continue receiving important security updates. 

G Data has observed a surge in malware infections originating from ConnectWise applications with modified certificate tables.

SonicWall says a modified version of the legitimate NetExtender application contains information-stealing code.

Rapid7 has found several serious vulnerabilities affecting over 700 printer models from Brother and other vendors. 

Strong security doesn’t just rely on tools—it starts with trust, clarity, and sincerity from the top down.

A high-severity vulnerability in GitHub Enterprise Server could have allowed remote attackers to execute arbitrary code.

Chrome 138 and Firefox 140 are rolling out with fixes for two dozen vulnerabilities, including high-severity memory safety issues.

Mainline Health and Select Medical Holdings have suffered data breaches that affect more than 100,000 individuals. 

Russia-linked APT28 deployed new malware against Ukrainian government targets through malicious documents sent via Signal chats.

Siemens is working with Microsoft to address a Defender Antivirus problem that can lead to no malware alerts or plant disruptions.

The future of secure digital engagement depends on continuous identity verification and proofing that can scale with risk.

Palo Alto Networks has observed a spike in Prometei activity since March 2025, pointing to a resurgence of the botnet.

A Chinese APT has been infecting SOHO routers with the ShortLeash backdoor to build stealthy espionage infrastructure.

Newly discovered spyware has sneaked into Apple’s App Store and Google Play to steal images from users’ mobile devices.

Tech support scammers are using sponsored ads and search parameter injection to trick users into calling them.

North Korean hackers employ social engineering to trick Zoom Meeting participants into executing system-takeover commands.

Canada’s Centre for Cyber Security and the FBI warn of Chinese hackers targeting telecommunications and other companies in Canada.

New "Echo Chamber" attack bypasses advanced LLM safeguards by subtly manipulating conversational context, proving highly effective across leading AI models.