Blog

CISA has updated its advisory on the critical WSUS vulnerability (CVE-2025-59287), attributing active, widespread exploitation to the Russian state-sponsored group […]

A new phishing technique dubbed “GhostLink” has emerged. Attackers compromise a user’s account (e.g., Teams or Zoom) and join a

A critical unauthenticated remote code execution (RCE) vulnerability (CVE-2025-8201, CVSS 10.0) in the “JetStream” enterprise data streaming platform is being

The U.S. Treasury and SEC issued a joint bulletin warning financial institutions of sophisticated, AI-powered disinformation campaigns. State-sponsored actors are

A critical (CVSS 9.8) authorization flaw in the “Post SMTP” WordPress plugin, active on over 400,000 sites, is being actively

The new “2025 Insider Risk Report” from Cybersecurity Insiders finds that 93% of security leaders say insider threats are as

Japanese media giant Nikkei, owner of the Financial Times, has disclosed a data breach impacting over 17,000 employees and business

A critical (CVSS 9.8) vulnerability has been disclosed in the popular “@react-native-community/cli” NPM package, which receives ~2 million weekly downloads.

Google’s November 2025 Android Security Bulletin patches a critical remote code execution (RCE) vulnerability in the Android System component. Tracked

In alignment with national security policies, the UAE, in partnership with e& and AWS, has announced the full availability of