Exploit Published for Sudo CVE-2025-32463: Urgent Patch Needed
A public PoC exploit for CVE-2025-32463 in Sudo has been released, enabling local privilege escalation to root. Linux users are urged to update to Sudo 1.9.16p1.
A China-linked crew still breaks in through legacy CVEs (Log4j, Struts, Confluence, GoAhead), then hides behind scheduled tasks and msbuild.exe to run memory-resident payloads. They probe domain controllers with DCSync, and they target misconfigured IIS by abusing ASP.NET machine keys to deploy TOLLBOOTH with SEO cloaking. Reduce risk by patching edge services, restricting LOLBAS on servers, rotating machine keys, and alerting on replication from non-DC hosts.
Aardvark is OpenAI’s GPT-5–powered security agent that reads repositories like a human, validates exploitability in a sandbox, and proposes precise patches. Consequently, teams can cut detection and remediation time without slowing delivery.
CISA and NSA published a focused plan to harden Microsoft Exchange. Enforce modern authentication, cut exposure, enable Extended Protection, and lock down TLS to stop real-world attacks.
A newly uncovered vulnerability in TP-Link’s Omada gateway line enables remote attackers to execute system-level commands. This flaw threatens business networks worldwide and demands immediate firmware patching and access control reviews.
Exposed Ollama APIs and a critical NVIDIA Container Toolkit flaw raise the stakes for AI infrastructure. Authenticate Ollama, close public access to port 11434, and patch NCT to stop container escapes. Stream LLM and runtime logs off-box, rotate tokens, and validate least-privilege settings to keep model IP and GPU workers safe.
A new attack variant against Cisco Secure Firewall ASA/FTD can force unexpected reloads, dropping VPNs and disrupting edge traffic. Reduce exposure, apply fixed releases, and harden management access. Validate HA under load and stream telemetry off-box to preserve evidence while you monitor for recurrence.
Business email compromise drains budgets with executive spoofing and invoice fraud. This practical Microsoft 365 guide shows nine rules that actually stop BEC: tuned anti-phish and impersonation, Safe Links and Safe Attachments, SPF/DKIM/DMARC, phishing-resistant MFA with Conditional Access, external sender tags, mailbox hygiene, attack simulation, and a short incident playbook.
Security researchers revealed that ChatGPT’s Atlas Browser can be manipulated through hidden prompt injections, allowing attackers to hijack AI behavior, leak data, and bypass safeguards. Learn how it works and how to defend against it.
Europol has shut down a cross-border SIM-farm network used to automate smishing and VoIP fraud, seizing equipment and servers and arresting dozens of operators.