Older SonicWall SMA100 vulnerability exploited in the wild

CISA added the high-severity flaw, initially disclosed in 2021, to its known exploited vulnerabilities catalog this week.

By Rob Wright • April 17, 2025

CISA warns companies to secure credentials amid Oracle Cloud breach claims

The agency is asking organizations to come forward if they detect suspicious activity or other evidence of a compromise.

By David Jones • April 17, 2025

Mitre CVE program regains funding as renewal deal reached

The information security industry feared a lapse would lead to industrywide exposures of software vulnerabilities.

By David Jones • April 16, 2025

Hertz says personal data breached in connection with Cleo file-transfer flaws

The company is the latest organization to investigate or disclose an incident linked to a monthslong attack spree.

By David Jones • April 15, 2025

Remote access tools most frequently targeted as ransomware entry points

Supply chain risk via third-party vendors increased sharply last year, according to a report by At-Bay.

By David Jones • April 11, 2025

Windows CLFS zero-day exploited in ransomware attacks

A threat actor tracked as Storm-2460 has used PipeMagic malware to facilitate the attacks.

By David Jones • April 9, 2025

How AI Agents can help AppSec teams keep up with AI-generated code vulnerabilities

While AppSec teams are stuck with legacy scanners and backlogs, developers and hackers have adopted AI tools to accelerate their respective objectives.

By Charlie Klein, Director of Product Marketing, Jit • April 8, 2025

CISA adds Ivanti Connect Secure vulnerability to KEV catalog

CVE-2025-22457 is a critical stack buffer-overflow vulnerability. Ivanti had initially assessed as a low-level product bug that could not be exploited remotely.

By Rob Wright • April 7, 2025

House members press Commerce Secretary Lutnick on DOGE-related job cuts at NIST

The agency has already slashed dozens of probationary workers, and further cuts could have major consequences for cybersecurity standards and AI development. 

By David Jones • April 3, 2025

Sam’s Club investigating attack claim linked to Clop ransomware

The prolific gang is linked to the exploitation of critical flaws in Cleo file transfer software.

By David Jones • April 1, 2025

Critical vulnerability in CrushFTP file transfer software under attack

Questions and confusion surround the authentication bypass vulnerability, which was privately disclosed to customers on March 21.

By Rob Wright • April 1, 2025

CISA warns new malware targeting Ivanti zero-day vulnerability

CVE-2025-0282, a critical vulnerability that affects Ivanti’s Connect Secure, Policy Secure and ZTA Gateway products, was disclosed and patched in January.

By Rob Wright • March 31, 2025

Cybersecurity firms brace for impact of potential Oracle Cloud breach

As evidence continues to pile up, security providers warn customers to secure networks.

By David Jones • March 28, 2025

Solar power gear vulnerable to remote sabotage

Security flaws underscore the risk of cyber threat actors commandeering parts of the electric grid.

By Eric Geller, Contributing Reporter • March 28, 2025

Threat actor in Oracle Cloud breach may have gained access to production environments

Researchers from CloudSEK are analyzing a data sample from a threat actor that claimed a massive breach involving 6 million records. 

By David Jones • March 27, 2025

DrayTek routers face active exploitation of older vulnerabilities

The company’s devices are also randomly rebooting in connection with additional CVEs disclosed earlier this month.

By David Jones • March 26, 2025

Russian threat actor weaponized Microsoft Management Console flaw

A threat actor known as “EncryptHub” began exploiting the zero-day vulnerability before it was patched earlier this month.

By Elizabeth Montalbano, Contributing Reporter • Updated March 26, 2025

Critical vulnerabilities put Kubernetes environments in jeopardy

Wiz researchers warned that several CVEs in Ingress NGINX Controller for Kubernetes make nearly half of all cloud environments at risk of takeover.

By Rob Wright • Updated March 25, 2025

Critical Apache Tomcat RCE vulnerability exploited

Attack attempts via CVE-2025-24813 are underway, but successful attacks require specific, non-default configurations, according to GreyNoise.

By Rob Wright • March 24, 2025

How ASPM gives you control over complex architectures

ASPM gives organizations control by unifying risk data, automating threat analysis, and prioritizing vulnerabilities based on their business impact.

By Sohail Iqbal, Chief Information Security Officer, Veracode • March 24, 2025

Coinbase originally targeted during GitHub Action supply chain attack

Researchers from Palo Alto Networks said the hackers likely planned to leverage an open source project of the company for additional attacks.

By David Jones • March 21, 2025

GitHub Action compromise linked to previously undisclosed attack

Researchers uncovered a March 11 incident that may have led to the larger supply chain attack.  

By David Jones • March 20, 2025

Cisco Smart Licensing Utility flaws under attack

The SANS Internet Storm Center reported exploitation attempts against two critical vulnerabilities, which were initially disclosed in September.

By Rob Wright • March 20, 2025

11 nation-state groups exploit unpatched Microsoft zero-day

The tech giant has yet to address a vulnerability that allows for malicious payloads to be delivered via Windows shortcut files and has been under active attack for eight years.

By Elizabeth Montalbano, Contributing Reporter • March 19, 2025

AI project failure rates are on the rise: report

The share of businesses scrapping most of their AI initiatives increased to 42% this year, up from 17% last year, according to S&P Global Market Intelligence. 

By Lindsey Wilkinson • March 18, 2025