GitHub Uncovers New ruby-saml Vulnerabilities Allowing Account Takeover Attacks
Two high-severity security flaws have been disclosed in the open-source ruby-saml library that could allow malicious actors to bypass Security Assertion Markup Language (SAML)...
Future-Proofing Business Continuity: BCDR Trends and Challenges for 2025
As IT environments grow more complex, IT professionals are facing unprecedented pressure to secure business-critical data. With hybrid work the new standard and cloud...
Meta Warns of FreeType Vulnerability (CVE-2025-27363) With Active Exploitation Risk
Meta has warned that a security vulnerability impacting the FreeType open-source font rendering library may have been exploited in the wild.The vulnerability has been...
WARNING: Expiring Root Certificate May Disable Firefox Add-Ons, Security Features, and DRM Playback
Browser maker Mozilla is urging users to update their Firefox instances to the latest version to avoid facing issues with using add-ons due to...
Chinese Hackers Breach Juniper Networks Routers With Custom Backdoors and Rootkits
The China-nexus cyber espionage group tracked as UNC3886 has been observed targeting end-of-life MX routers from Juniper Networks as part of a campaign designed...
Over 400 IPs Exploiting Multiple SSRF Vulnerabilities in Coordinated Cyber Attack
Threat intelligence firm GreyNoise is warning of a "coordinated surge" in the exploitation of Server-Side Request Forgery (SSRF) vulnerabilities spanning multiple platforms."At least 400...
Pentesters: Is AI Coming for Your Role?
We've been hearing the same story for years: AI is coming for your job. In fact, in 2017, McKinsey printed a report, Jobs Lost,...
URGENT: Microsoft Patches 57 Security Flaws, Including 6 Actively Exploited Zero-Days
Microsoft on Tuesday released security updates to address 57 security vulnerabilities in its software, including a whopping six zero-days that it said have been...
Apple Releases Patch for WebKit Zero-Day Vulnerability Exploited in Targeted Attacks
Apple on Tuesday released a security update to address a zero-day flaw that it said has been exploited in "extremely sophisticated" attacks.The vulnerability has...
Blind Eagle Hacks Colombian Institutions Using NTLM Flaw, RATs and GitHub-Based Attacks
The threat actor known as Blind Eagle has been linked to a series of ongoing campaigns targeting Colombian institutions and government entities since November...