On Friday, Microsoft reported a significant security incident involving the exploitation of two zero-day vulnerabilities in Microsoft Exchange servers by a single threat actor group as far back as August 2022. This group successfully gained initial access through coordinated attacks targeting fewer than ten organizations worldwide. The compromises facilitated the…
Cybersecurity Weekly Update: New Vulnerabilities and Persistent Threats This week, the cybersecurity landscape revealed alarming developments as multiple organizations fell victim to sophisticated attacks, highlighting the evolving tactics employed by cybercriminals. Notably, Fortinet disclosed a serious vulnerability affecting its FortiWeb application firewall, categorized as CVE-2025-58034. This flaw, assigned a medium…
Artificial Intelligence & Machine Learning, Next-Generation Technologies & Secure Development Ex-CrowdStrike Product Leader Unveils Blueprint Model to Tackle MCP Server Issues and Cost Management Michael Novinson (MichaelNovinson) • March 3, 2026 Raj Rajamani, co-founder and CEO of JetStream (Image: JetStream) JetStream, a startup focusing on artificial intelligence governance, has successfully…
Researchers have identified a Chinese cyber-espionage campaign targeting the United States ahead of the upcoming trade summit between President Donald Trump and President Xi Jinping. The findings, detailed in a report released by Fidelis Cybersecurity, reveal that the Chinese APT10 hacking group infiltrated the “Events” page of the U.S. National…
In recent developments, users of smartphones, internet browsers, and file compression software are facing heightened cybersecurity threats. Hackers are leveraging critical vulnerabilities in widely-used software before patches have even been made available. Organizations and individuals are urged to act swiftly and apply essential updates to mitigate these risks. ⚡ Threat…
Application Security, Artificial Intelligence & Machine Learning, Next-Generation Technologies & Secure Development How Claude’s New AI Code Scanning Tool Will Challenge Application Security Leaders Michael Novinson (MichaelNovinson) • February 23, 2026 The launch of Claude Code Security has positioned Anthropic in direct competition with leading cybersecurity firms, drawing significant attention…
In a significant disclosure from WikiLeaks, a trove of 27 documents purportedly from the US Central Intelligence Agency (CIA) has been released as part of the Vault 7 series. This latest batch introduces the Grasshopper framework, a command-line interface-based tool that facilitates the creation of tailored malware specifically designed to…
A significant security vulnerability known as React2Shell is currently being exploited by cybercriminals to deploy various malware strains, including KSwapDoor and ZnDoor, as reported by Palo Alto Networks’ Unit 42 and NTT Security. The exploitation of this vulnerability poses urgent risks to organizations, particularly those leveraging React and Next.js frameworks.…
Cyberwarfare / Nation-State Attacks, Fraud Management & Cybercrime U.S. and Israel May Have Executed ‘Largest Cyberattack in History’ Targeting Tehran David Meyer • March 1, 2026 U.S. forces launch “Operation Epic Fury” as seen in a photo dated Feb. 28, 2026. (Image: U.S. Central Command) Recent actions by U.S. and…
