-
F5 released its Quarterly Security Notification, addressing multiple security flaws across its product ecosystem. While F5 classifies the primary vulnerabilities as “Medium” severity under their internal policy, the updated CVSS v4.0 scorin…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Zscaler, Inc., a global leader in cloud security, has announced the successful acquisition of SquareX. This strategic move is designed to extend Zscaler’s Zero Trust capabilities directly into the web browser, effectively securing the “AI eraR…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
A significant surge in Odyssey Stealer activity is currently targeting macOS users across multiple continents, with recent telemetry data revealing a dramatic geographic expansion of this sophisticated information-stealing campaign. Security researcher…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
A new, highly sophisticated cyberattack campaign that reveals how attackers are bypassing modern defenses to infiltrate corporate networks. The investigation points to a stealthy, multi-stage intrusion likely orchestrated by the threat group known as A…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
The Cybersecurity and Infrastructure Security Agency (CISA) has officially added a critical security flaw affecting the React Native Community CLI to its Known Exploited Vulnerabilities (KEV) catalog. Identified as CVE-2025-11953, this vulnerability is…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
A critical security flaw has been identified in CentOS 9 that allows a local user to escalate their privileges to root. The vulnerability, which stems from a Use-After-Free (UAF) condition in the Linux kernel’s networking subsystem, was awarded f…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Two medium-severity vulnerabilities, an unsecured email API endpoint and verbose error messages exposing OAuth tokens, chain together to enable authenticated phishing that bypasses all email security controls, persistent access to Microsoft 365 environ…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
A new spear phishing campaign that weaponizes a forgotten file type to bypass modern defenses. Attackers are luring victims into downloading Windows screensaver (.scr) files, which silently deploy legitimate Remote Monitoring and Management (RMM) softw…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
The Cybersecurity and Infrastructure Security Agency (CISA) has added a high-severity vulnerability affecting SmarterTools SmarterMail to its Known Exploited Vulnerabilities (KEV) catalog. Tracked as CVE-2026-24423, this flaw is actively being weaponiz…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
An ongoing spam campaign that leverages social engineering to deploy legitimate Remote Monitoring and Management (RMM) software on victim networks. By disguising malicious payloads as essential Adobe Acrobat updates, threat actors are successfully bypa…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
