A security vulnerability in Fortinet’s FortiClient for Windows has been exploited by the threat group known as **BrazenBamboo**, allowing them to extract VPN credentials using a modular framework named **DEEPDATA**. This exploitation was disclosed by Volexity, which reported the zero-day…
Two Eastern European nationals have received prison sentences in the United States for their involvement in “bulletproof hosting” services used by cybercriminals to distribute malware and target financial institutions between 2009 and 2015. Pavel Stassi, aged 30 from Estonia, has…
On February 5, 2023, Reddit confirmed it fell victim to a security breach that allowed unauthorized actors to access internal documentation, source code, and certain business systems. This incident underscores ongoing vulnerabilities in organizational security protocols, particularly as cybercriminals refine…
The Rise of Modern IGA Amidst Cyber Threats: Key Insights for Business Owners In today’s rapidly evolving digital landscape, Identity Governance and Administration (IGA) has taken on unprecedented significance. With the surge of artificial intelligence and its integration into various…
The LockBit ransomware group has made a notable return, launching its latest variant, LockBit 5.0, after a period of inactivity triggered by law enforcement actions earlier in 2024. The resurgence comes despite significant disruptions to their infrastructure and efforts to…
Palo Alto Networks Identifies Zero-Day Exploit in PAN-OS Firewall Palo Alto Networks has recently unveiled crucial indicators of compromise (IoCs) following the confirmation of a zero-day vulnerability within its PAN-OS firewall management interface. This vulnerability has reportedly been targeted and…
Recent reports indicate a sophisticated malware campaign that is specifically targeting entities in Afghanistan and India. This campaign exploits a decades-old vulnerability in Microsoft Office, identified as CVE-2017-11882, which has since been patched. The vulnerabilities allow adversaries to deploy remote…
Critical Infrastructure Security, Governance & Risk Management, Operational Technology (OT) The Vulnerability of Airport Baggage Systems Shaun Waterman • October 24, 2025 Image: Jaromir Chalabala/Shutterstock The airport baggage carousel, often viewed as an inconvenient fixture, represents a significant security concern…
The Breach Exposed Toys “R” Us Canada has disclosed a significant data breach affecting customer information, with details reportedly resurfacing on the dark web. The breach occurred back in July, revealing that cybercriminals accessed and leaked sensitive personal information of…
A significant authentication bypass vulnerability has been revealed in the Really Simple Security plugin for WordPress, previously known as Really Simple SSL. This security flaw poses a serious threat, as it allows a malicious actor to remotely obtain full administrative…
