FortiGate Devices Exploited to Breach Networks and Steal Service Account Credentials
Ravie LakshmananMar 10, 2026Network Security / Vulnerability Cybersecurity researchers are calling attention…
Where Multi-Factor Authentication Stops and Credential Abuse Starts
Organizations typically roll out multi-factor authentication (MFA) and assume stolen passwords are…
AI-Assisted Threat Actor Compromises 600+ FortiGate Devices in 55 Countries
A Russian-speaking, financially motivated threat actor has been observed taking advantage of…
SolarWinds Web Help Desk Exploited for RCE in Multi-Stage Attacks on Exposed Servers
Ravie LakshmananFeb 09, 2026Vulnerability / Endpoint Security Microsoft has revealed that it…
China-Linked APT Exploited Sitecore Zero-Day in Critical Infrastructure Intrusions
Ravie LakshmananJan 16, 2026Zero-Day / Cyber Espionage A threat actor likely aligned…
CISA Orders Immediate Patch of Critical Sitecore Vulnerability Under Active Exploitation
Federal Civilian Executive Branch (FCEB) agencies are being advised to update their…
Storm-0501 Exploits Entra ID to Exfiltrate and Delete Azure Data in Hybrid Cloud Attacks
The financially motivated threat actor known as Storm-0501 has been observed refining…
Scattered Spider Hijacks VMware ESXi to Deploy Ransomware on Critical U.S. Infrastructure
Jul 28, 2025Ravie LakshmananCyber Attack / Ransomware The notorious cybercrime group known…
Critical Windows Server 2025 dMSA Vulnerability Enables Active Directory Compromise
May 22, 2025Ravie LakshmananCybersecurity / Vulnerability A privilege escalation flaw has been…