The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has recently included six new security vulnerabilities in its Known Exploited Vulnerabilities (KEV) catalog, citing clear indications of ongoing exploitation. This move emphasizes the necessity for organizations to remain vigilant and proactive in their cybersecurity measures. Among the newly flagged vulnerabilities is…
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has officially included a critical vulnerability affecting Microsoft SharePoint Server in its Known Exploited Vulnerabilities (KEV) catalog, highlighting evidence of active exploitation within various environments. This vulnerability, identified as CVE-2023-29357, has garnered a significant CVSS score of 9.8, indicating its severity and…
A newly emerged AI image creation startup has come under fire for leaving its database exposed, resulting in the unauthorized access of over a million user-generated images and videos. Alarmingly, the majority of the leaked content includes explicit material, with some instances involving minors. This breach raises significant concerns regarding…
Recent investigations have surfaced an attempt to breach CrowdStrike, a prominent cybersecurity firm, within the backdrop of the ongoing espionage campaign associated with SolarWinds. The intrusion was reportedly thwarted, revealing critical insights into the current landscape of cybersecurity threats. On December 15, Microsoft’s Threat Intelligence Center flagged a third-party reseller’s…
A recent security incident involving an AI image creator startup has revealed alarming vulnerabilities, with an unsecured database exposing over a million user-generated images and videos. The majority of the compromised content consisted of explicit material, including sensitive and troubling depictions of minors. This breach raises significant concerns about user…
Cyberwarfare / Nation-State Attacks, Fraud Management & Cybercrime Chinese-Linked Malware Campaign Targets Critical Environments With Weak Monitoring Chris Riotta (@chrisriotta) • December 4, 2025 Image: Shutterstock The U.S. federal government has issued a warning regarding a sophisticated malware campaign linked to Chinese state-sponsored actors, known as Brickstorm. This malicious software…
Understanding the Escalating Cybersecurity Threats for SMBs In an era where cybersecurity breaches dominate headlines, the visibility of these risks extends beyond large enterprises to encompass small and medium-sized businesses (SMBs) and the public at large. This growing awareness among SMBs highlights the pressing need to bolster their security measures.…
Recent cybersecurity research has uncovered intriguing potential connections between the notorious SolarWinds hack and a previously identified malware strain called Kazuar. Kaspersky’s latest analysis highlights overlapping features that suggest a link between the two malicious software architectures. The SolarWinds incident, disclosed in December 2020, was characterized by its unprecedented scale…
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has recently highlighted a significant security vulnerability affecting JetBrains TeamCity On-Premises software, categorizing it as a known exploited vulnerability in its catalog. This classification is based on concrete evidence of active exploitation in the wild. The identified flaw, designated CVE-2024-27198, has a…
