Blog

Cisco has released patches for two critical vulnerabilities in its Unified Contact Center Express (UCCX) appliance. The most severe, CVE-2025-20354 […]

Cloud software provider Blackbaud has agreed to a $49.5 million settlement with 49 U.S. state attorneys general over its 2020

CISA has updated its advisory on the critical WSUS vulnerability (CVE-2025-59287), attributing active, widespread exploitation to the Russian state-sponsored group

A new phishing technique dubbed “GhostLink” has emerged. Attackers compromise a user’s account (e.g., Teams or Zoom) and join a

A critical unauthenticated remote code execution (RCE) vulnerability (CVE-2025-8201, CVSS 10.0) in the “JetStream” enterprise data streaming platform is being

The U.S. Treasury and SEC issued a joint bulletin warning financial institutions of sophisticated, AI-powered disinformation campaigns. State-sponsored actors are

A critical (CVSS 9.8) authorization flaw in the “Post SMTP” WordPress plugin, active on over 400,000 sites, is being actively

The new “2025 Insider Risk Report” from Cybersecurity Insiders finds that 93% of security leaders say insider threats are as

Japanese media giant Nikkei, owner of the Financial Times, has disclosed a data breach impacting over 17,000 employees and business

A critical (CVSS 9.8) vulnerability has been disclosed in the popular “@react-native-community/cli” NPM package, which receives ~2 million weekly downloads.