Security News

10 Critical Network Pentest Findings IT Teams Overlook
2025-03-21 11:01

After conducting over 10,000 automated internal network penetration tests last year, vPenTest has uncovered a troubling reality that many businesses still have critical security gaps that...

Ongoing Cyber Attacks Exploit Critical Vulnerabilities in Cisco Smart Licensing Utility
2025-03-21 05:09

Two now-patched security flaws impacting Cisco Smart Licensing Utility are seeing active exploitation attempts, according to SANS Internet Storm Center. The two critical-rated vulnerabilities in...

Critical Cisco Smart Licensing Utility flaws now exploited in attacks
2025-03-20 19:05

Attackers have started targeting Cisco Smart Licensing Utility (CSLU) instances unpatched against a vulnerability exposing a built-in backdoor admin account. [...]

Infoseccers criticize Veeam over critical RCE vulnerability and a failing blacklist
2025-03-20 18:33

Palming off the blame using an ‘unknown’ best practice didn’t go down well either In patching the latest critical remote code execution (RCE) bug in Backup and Replication, software shop Veeam is...

UK urges critical orgs to adopt quantum cryptography by 2035
2025-03-20 16:23

The UK's National Cyber Security Centre (NCSC) has published specific timelines on migrating to post-quantum cryptography (PQC), dictating that critical organizations should complete migration by...

Critical GitHub Attack
2025-03-20 15:14

This is serious: A sophisticated cascading supply chain attack has compromised multiple GitHub Actions, exposing critical CI/CD secrets across tens of thousands of repositories. The attack, which...

Critical Veeam Backup & Replication RCE vulnerability fixed, patch ASAP! (CVE-2025-23120)
2025-03-20 12:06

Veeam has released fixes for a critical remote code execution vulnerability (CVE-2025-23120) affecting its enterprise Veeam Backup & Replication solution, and is urging customers to quickly...

IBM scores perfect 10 ... vulnerability in mission-critical OS AIX
2025-03-19 18:58

Big Blue's workstation workhorse patches hole in network installation manager that could let the bad guys in IBM "strongly recommends" customers running its Advanced Interactive eXecutive (AIX)...

Stealthy Apache Tomcat Critical Exploit Bypasses Security Filters: Are You at Risk?
2025-03-19 16:30

By simply sending HTTP requests, attackers can trigger the deserialisation of malicious data in Tomcat's session storage and gain control.

Critical mySCADA myPRO Flaws Could Let Attackers Take Over Industrial Control Systems
2025-03-19 06:59

Cybersecurity researchers have disclosed details of two critical flaws impacting mySCADA myPRO, a Supervisory Control and Data Acquisition (SCADA) system used in operational technology (OT)...