Attackers are mapping your attack surface—are you?
Today’s threat landscape, attack surfaces are expanding faster than most security teams…
Not Every CVE Deserves a Fire Drill: Focus on What’s Exploitable
More than 40,000 new vulnerabilities (CVEs) were published in 2024 alone. More…
GitLab Duo Vulnerability Enabled Attackers to Hijack AI Responses with Hidden Prompts
Cybersecurity researchers have discovered an indirect prompt injection flaw in GitLab's artificial…
CISA Warns of Suspected Broader SaaS Attacks Exploiting App Secrets and Cloud Misconfigs
May 23, 2025Ravie LakshmananCloud Security / VulnerabilityThe U.S. Cybersecurity and Infrastructure Security…
Critical Windows Server 2025 dMSA Vulnerability Enables Active Directory Compromise
May 22, 2025Ravie LakshmananCybersecurity / Vulnerability A privilege escalation flaw has been…
Ivanti EPMM flaw exploited by Chinese hackers to breach govt agencies
Chinese hackers have been exploiting a remote code execution flaw in Ivanti Endpoint…
Chinese Hackers Exploit Trimble Cityworks Flaw to Infiltrate U.S. Government Networks
May 22, 2025Ravie LakshmananVulnerability / Threat Intelligence A Chinese-speaking threat actor tracked…
Unpatched critical bugs in Versa Concerto lead to auth bypass, RCE
Critical vulnerabilities in Versa Concerto that are still unpatched could allow remote…
Russian Hackers Exploit Email and VPN Vulnerabilities to Spy on Ukraine Aid Logistics
Russian cyber threat actors have been attributed to a state-sponsored campaign targeting…