New TCESB Malware Found in Active Attacks Exploiting ESET Security Scanner
A Chinese-affiliated threat actor known for its cyber-attacks in Asia has been observed exploiting a security flaw in security software from ESET to deliver...
Explosive Growth of Non-Human Identities Creating Massive Security Blind Spots
GitGuardian's State of Secrets Sprawl report for 2025 reveals the alarming scale of secrets exposure in modern software environments. Driving this is the rapid...
PipeMagic Trojan Exploits Windows Zero-Day Vulnerability to Deploy Ransomware
Microsoft has revealed that a now-patched security flaw impacting the Windows Common Log File System (CLFS) was exploited as a zero-day in ransomware attacks...
CISA Warns of CentreStack’s Hard-Coded MachineKey Vulnerability Enabling RCE Attacks
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Tuesday added a critical security flaw impacting Gladinet CentreStack to its Known Exploited Vulnerabilities (KEV)...
Microsoft Patches 126 Flaws Including Actively Exploited Windows CLFS Vulnerability
Microsoft has released security fixes to address a massive set of 126 flaws affecting its software products, including one vulnerability that it said has...
Adobe Patches 11 Critical ColdFusion Flaws Amid 30 Total Vulnerabilities Discovered
Adobe has released security updates to fix a fresh set of security flaws, including multiple critical-severity bugs in ColdFusion versions 2025, 2023 and 2021 that...
Fortinet Urges FortiSwitch Upgrades to Patch Critical Admin Password Change Flaw
Fortinet has released security updates to address a critical security flaw impacting FortiSwitch that could permit an attacker to make unauthorized password changes.The vulnerability,...
Amazon EC2 SSM Agent Flaw Patched After Privilege Escalation via Path Traversal
Cybersecurity researchers have disclosed details of a now-patched security flaw in the Amazon EC2 Simple Systems Manager (SSM) Agent that, if successfully exploited, could...
Cryptocurrency Miner and Clipper Malware Spread via SourceForge Cracked Software Listings
Threat actors have been observed distributing malicious payloads such as cryptocurrency miner and clipper malware via SourceForge, a popular software hosting service, under the...
Agentic AI in the SOC – Dawn of Autonomous Alert Triage
Security Operations Centers (SOCs) today face unprecedented alert volumes and increasingly sophisticated threats. Triaging and investigating these alerts are costly, cumbersome, and increases analyst...
