Recent findings have revealed two security vulnerabilities in Microsoft Windows that have since been patched but could have been exploited by attackers to carry out remote code execution (RCE) on Outlook email clients without any user intervention. This information was disclosed by Akamai researcher Ben Barnea, who discovered the flaws…
Cloud Security, Security Operations Palo Alto Networks and Google Cloud Strengthen Cybersecurity Partnership with Prisma AIRS Integration Michael Novinson (MichaelNovinson) • December 19, 2025 The recent partnership between Palo Alto Networks and Google Cloud marks a significant development in cybersecurity, with a focus on integrating Palo Alto’s Prisma AIRS platform…
Cybercrime, Cyberwarfare / Nation-State Attacks, Fraud Management & Cybercrime Vercel Issues Warning: Two Additional Vulnerabilities in React Server Components Urgently Require Patching Mathew J. Schwartz (@euroinfosec) • December 15, 2025 Image: Shutterstock/React/ISMG Experts warn that the React2Shell vulnerability is being exploited en masse by state-sponsored attackers connected to China, North…
Recent investigations indicate that despite concerted efforts to disrupt the TrickBot malware operations, its creators are adapting and evolving their tactics. A report from cybersecurity firm Netscout reveals that the authors of TrickBot have ported elements of their malicious code to Linux, broadening their potential target base. Initially identified in…
Artificial Intelligence & Machine Learning, Cybercrime as-a-service, Fraud Management & Cybercrime WormGPT 4 Offered at $50 Monthly; KawaiiGPT Now Open Source Rashmi Ramesh (@rashmiramesh_) • December 8, 2025 Image: Shutterstock A new wave of cybercrime-as-a-service offerings is emerging, featuring malicious large language models (LLMs) available for subscription on platforms like…
Mass Exploitation of SSRF Vulnerability in Ivanti Products A significant server-side request forgery (SSRF) vulnerability affecting Ivanti Connect Secure and Policy Secure products has been widely exploited. Recent reports indicate that attacks are emanating from over 170 distinct IP addresses, indicating a coordinated effort to establish unauthorized access, including reverse…
The investigation into the SolarWinds supply chain attack continues to reveal significant findings, including the emergence of a new malware strain. Recent digital forensic analysis suggests that a different group of threat actors may be exploiting SolarWinds’ Orion software to deploy a similar persistent backdoor on compromised systems. According to…
A critical vulnerability has been identified in the SolarWinds Orion software, which may have been exploited by threat actors as a zero-day to deliver the SUPERNOVA malware across targeted environments. This discovery highlights significant risks for organizations utilizing this widely adopted system monitoring and management tool. The CERT Coordination Center…
On Thursday, the U.S. Cybersecurity and Infrastructure Security Agency (CISA) included a recently patched security vulnerability affecting Cisco’s Adaptive Security Appliance (ASA) and Firepower Threat Defense (FTD) software in its Known Exploited Vulnerabilities (KEV) catalog. This update comes in response to indications that the flaw is being actively exploited in…
