Apple Releases Critical Security Updates for Legacy Devices Apple has taken significant steps to address critical security vulnerabilities by backporting fixes to older models and prior operating system versions. On Monday, the company rolled out updates aimed at mitigating three specific vulnerabilities that have been reported as actively exploited in…
Unpatched Vulnerabilities in Cacti Servers Present New Threats Recent findings from Censys, an attack surface management platform, highlight a significant cybersecurity concern regarding Cacti servers. A majority of these internet-exposed servers remain unpatched against a critical vulnerability identified as CVE-2022-46169. This flaw has been actively exploited, raising alarms for organizations…
Government, Industry Specific Department of Defense Announces New Cybersecurity Maturity Model Certification Rule Chris Riotta (@chrisriotta) • September 10, 2025 Image: Jeremy Christensen/Shutterstock U.S. military contractors are set to face stringent new cybersecurity requirements, following the Department of Defense’s (DoD) official introduction of a mandatory controls framework to be implemented…
A leading U.S. senator has requested that the Federal Trade Commission (FTC) launch an inquiry into Microsoft, citing what he has termed “gross cybersecurity negligence.” This call to action stems from concerns regarding the company’s continued reliance on the outdated RC4 encryption method, which is set as the default in…
The cybersecurity landscape is currently grappling with new threats as the group known as Dark Caracal has been linked to a sophisticated campaign deploying the remote access trojan (RAT) named Poco RAT. This recent wave of attacks primarily targets Spanish-speaking audiences in Latin America throughout 2024. The research findings, presented…
Pakistan’s Data Breach Reveals Widespread Vulnerabilities In a shocking revelation, citizens of Pakistan have recently learned that sensitive personal information—ranging from mobile SIM records and national identity card images to call logs and travel histories—has been readily available for purchase online for years. The alarming commodification of this data, sold…
A concerning campaign targeting exposed PostgreSQL instances has emerged, aiming to gain unauthorized access and deploy cryptocurrency miners within compromised environments. This campaign, identified by cloud security firm Wiz, is a variant associated with a previously recognized intrusion set reported by Aqua Security in August 2024, which utilized a malware…
Recent reports indicate that a new backdoor, deriving its functionalities from the CIA’s Hive multi-platform malware suite, has been deployed by unidentified threat actors. This suite, whose source code was exposed by WikiLeaks in November 2017, has shown new adaptability in the wild. Qihoo Netlab 360’s Alex Turing and Hui…
Artificial Intelligence & Machine Learning, Next-Generation Technologies & Secure Development Company Addresses Non-Binary Software Vulnerabilities Omitted by Traditional Endpoint Security Tools Michael Novinson (MichaelNovinson) • September 10, 2025 Amit Assaraf, co-founder and CEO, Koi (Image: Koi) Washington D.C.-based startup Koi has successfully raised $48 million to enhance the security of…
