A 0-day buffer overflow vulnerability in Cisco ASA and FTD devices, exploitable via WebVPN, allows unauthenticated remote code execution. Cisco has released patches and issued guidance for mitigation.
The Romanian Waters Authority suffered a ransomware attack that disabled key hydrological systems, forced emergency containment actions, and exposed ongoing cybersecurity weaknesses in critical infrastructure.
Akira ransomware has evolved into one of the most disruptive ransomware-as-a-service operations, hitting more than 250 organizations and extorting over $244 million. This article walks through how Akira gains initial access, exploits VPN and firewall weaknesses, moves laterally, and applies double extortion — then outlines practical defenses security teams can deploy now.
The newly discovered ClayRat Android spyware represents one of 2025’s most sophisticated state-sponsored mobile espionage tools. Designed to collect device data, intercept communications, and monitor app activity, ClayRat’s discovery highlights how Android remains a prime target in global intelligence operations.
Microsoft 365 suffered a widespread outage across Australia, causing authentication failures, email disruptions and Teams connection issues. Although services gradually recovered, the incident exposed cloud reliability concerns for businesses that rely heavily on Microsoft’s ecosystem.
China’s Ministry of State Security (MSS) has announced a bounty for information on members of Taiwan’s psychological warfare unit, accusing them of separatist activities and cyber influence campaigns. The move signals an escalation in cross-strait information warfare and a growing overlap between propaganda and cybersecurity operations.
EDR-Redir V2 blinds Microsoft Defender by abusing Windows file-system filter drivers with bind links that redirect or corrupt EDR working paths. This practitioner’s guide explains the method, highlights reliable artifacts, and lists resilient mitigations so teams can validate exposure, restore telemetry, and protect Windows 11 fleets without breaking production.
Who Is Scattered Spider? Scattered Spider is a cybercrime group known for executing high-impact ransomware attacks across the United States. They gained notoriety for their clever use of social engineering, SIM-swapping, and remote access tools to infiltrate major organizations. Operating with international ties, the group targeted companies with sophisticated techniques and insider manipulation to extort…
Hackers exploited OAuth tokens in third-party Salesforce integrations, stealing CRM data and extorting affected customers. Salesforce urges clients to rotate credentials.
Grafana Enterprise patched a critical CVSS 10.0 SCIM vulnerability, CVE-2025-41115, that allowed attackers to impersonate privileged users through numeric external IDs. Learn how the flaw worked, which versions were affected, and what steps security teams must take to secure Grafana deployments.