Fortinet fixes two critical RCE flaws in FortiAuthenticator and FortiSandbox
Fortinet released a batch of patches across its products on Patch Tuesday, including two critical vulnerabilities that can lead to...
Introducing the updated AWS User Guide to Governance, Risk, and Compliance for Responsible AI...
The financial services industry (FSI) is using AI to transform how financial institutions serve their customers. AI solutions can help proactively manage portfolios, automatically...
Microsoft’s Patch Tuesday Update Targets 120 Security Flaws
Microsoft’s May Patch Tuesday fixes 120 flaws, including 31 remote code execution bugs, with no zero-days reported at release.
The post Microsoft’s Patch Tuesday Update...
PCI PIN and P2PE compliance packages for AWS Payment Cryptography are now available
Amazon Web Services (AWS) is pleased to announce the successful completion of Payment Card Industry Personal Identification Number (PCI PIN) and PCI Point-to-Point Encryption...
When IT Support Calls: Dissecting a ModeloRAT Campaign from Teams to Domain Compromise
OverviewAttackers do not need to break into the front door when they can convince employees to open it for them through the tools they...
How Top SOCs and MSSPs Prevent Phishing Incidents Missed by Email Filters
Email filters are important, but they can’t remove phishing risk on their own. Today’s campaigns are built to slip through the cracks, using fresh domains, CAPTCHA checks,...
aria2c Improper Certificate Validation
aria2c Improper Certificate Validation Tenable Research discovered that aria2c accepts a server certificate with incorrect Extended Key Usage (EKU). If the attackers compromise a...
Canvas Owner Reaches Agreement With Cybercriminals After Ransomware Attack
Instructure says it reached an agreement with ShinyHunters over the Canvas breach data - Read more
CVE-2026-42833 Microsoft Dynamics 365 On-Premises Remote Code Execution Vulnerability
Updated the fixed version number. This is an informational change only. - Read more
Rapid7 Partner Academy: Driving Impact with Gold Stevie Award-Winning Partner Services Certifications
At Rapid7, our commitment to our partners is built on the foundation of the PACT (Partnering with Accountability, Consistency, and Transparency) program. Central to...
Latest article
GreatXML zero-day BitLocker bypass doesn’t seem to work, yet
A disgruntled researcher who has been publishing zero-day Microsoft Windows vulnerabilities for the past several months released a new exploit...
New Windows Zero-Day Claims BitLocker Bypass Amid Microsoft Disclosure Fight
A new Windows zero-day reportedly bypasses BitLocker, adding pressure on Microsoft as researchers debate the exploit’s real-world impact.
The post New Windows Zero-Day Claims BitLocker...
Fancy Bear Hackers Abuse EdgeRouters and Cloud Services to Launch Stealthy Cyberattacks
One of the most persistent hacking groups in the world has found a new way to stay hidden. The threat actor known as...
Ransomware Payment Crypto Laundering Platform Taken Out by FBI and Europol
Domain of dark web money laundering platform AudiA6 seized and suspects arrested in joint operation by the FBI, Europol and others - Read...
