Google Cloud Platform (GCP) Google Security Operations IDE Code Execution Protection Bypass

Tenable Research has identified and responsibly disclosed a safety mechanism bypass vulnerability...

[R1] Tenable Identity Exposure Version 3.77.14 Fixes Multiple Vulnerabilities

Arnie Cabral, Mon, 11/03/2025 - 09:50. Tenable Identity Exposure leverages third-party software to help provide...

WordPress – Ultimate Dashboard exposed API Key

Ultimate Dashboard allows you to replace the default WordPress dashboard widgets with your own and give the WordPress...

Knee-jerk corporate responses to data leaks protect brands like Qantas — but consumers are...

When courts ban people from accessing leaked data – as happened after the airline’s data breach – only hackers and scammers win

Datadog threat roundup: Top insights for Q3 2025

Threat insights from Datadog Security Labs for Q3 2025.

Learnings from recent npm supply chain compromises

A look at recent npm supply chain compromises and how we can learn from them to better prepare for future incidents.

Dell Storage Manager Multiple Vulnerabilities

CVE-2025-43995: Authentication Bypass in DSM Data Collector (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H). An unauthenticated remote attacker can access APIs exposed by ApiProxy.war in DataCollectorEar.ear...

Google Cloud Platform (GCP) Dialogflow Service Agent Token Leak and Abuse Through Conversational Agents

Tenable Research has identified and responsibly disclosed a critical privilege...

CoPhish: Using Microsoft Copilot Studio as a wrapper for OAuth phishing

Copilot Studio links look benign, but they can host content to redirect users to arbitrary URLs. In this post, we document a method by...

[R1] Tenable Identity Exposure Version 3.93.4 Fixes Multiple Vulnerabilities

Arnie Cabral, Fri, 10/17/2025 - 10:02. Tenable Identity Exposure leverages third-party software to help provide...

Latest article

Check Point VPN Authentication Bypass Vulnerability

What is the Vulnerability? A critical authentication bypass vulnerability, CVE-2026-50751 (CVSS...

CISA tells agencies to patch smarter, not harder — foreshadowing broader industry practice

Security teams’ patching practices have come under intense pressure over the past year, as active exploitation is up, time-to-exploit windows...

Hackers Abuse Fake Utility Downloads to Install ScreenConnect and Mine Cryptocurrency

Hackers are turning everyday software searches into a trap. A sophisticated cryptojacking campaign is actively targeting users who search for popular PC utilities online,...

Automated Threat Hunting: Turning Threat Intelligence into Executable Hunt Plans

Blake McDermott is Senior Threat Hunter at Rapid7. Every week, threat hunt teams are faced with a steady flow of blogs, advisories, and DFIR reports...