CISA gives govt agencies 7 days to patch new Fortinet flaw

CISA has ordered U.S. government agencies to secure their systems within a week against another vulnerability in Fortinet's ...

New WrtHug campaign hijacks thousands of end-of-life ASUS routers

Thousands of ASUS WRT routers, mostly end-of-life or outdated devices, have been hijacked in a global campaign called ...

California man admits to laundering crypto stolen in $230M heist

A 45-year-old from Irvine, California, has pleaded guilty to laundering at least $25 million stolen in a massive $230 million ...

Cloudflare blames this week's massive outage on database issues

On Tuesday, Cloudflare experienced its worst outage in 6 years, blocking access to many websites and online platforms for ...

‘PlushDaemon’ hackers hijack software updates in supply-chain attacks

The China-aligned advanced persistent threat (APT) tracked as 'PlushDaemon' is hijacking software update traffic to deliver ...

New ShadowRay attacks convert Ray clusters into crypto miners

A global campaign dubbed ShadowRay 2.0 hijacks exposed Ray Clusters by exploiting an old code execution flaw to turn them ...

French agency Pajemploi reports data breach affecting 1.2M people

Pajemploi, the French social security service for parents and home-based childcare providers, has suffered a data breach that ...

Fortinet warns of new FortiWeb zero-day exploited in attacks

Today, Fortinet released security updates to patch a new FortiWeb zero-day vulnerability that threat actors are actively ...

Microsoft Teams to let users report messages wrongly flagged as threats

Microsoft says that Teams users will be able to report false-positive threat alerts triggered by messages incorrectly flagged ...

Microsoft to integrate Sysmon directly into Windows 11, Server 2025

Microsoft announced today that it will integrate Sysmon natively into Windows 11 and Windows Server 2025 next year, making it ...

Meet ShinySp1d3r: New Ransomware-as-a-Service created by ShinyHunters

An in-development build of the upcoming ShinySp1d3r ransomware-as-a-service platform has surfaced, offering a preview of the upcoming extortion operation.

The hidden risks in your DevOps stack data—and how to address them

DevOps repos on GitHub, GitLab, Bitbucket, and Azure DevOps face risks from weak access controls, misconfigurations, outages, and accidental deletions. GitProtect provides automated, immutable backups ...