Category: Uncategorized
-
Citrix Bleed 2 Flaw Enables Token Theft; SAP GUI Flaws Risk Sensitive Data Exposure [email protected] (The Hacker News)
Cybersecurity researchers have detailed two now-patched security flaws in SAP Graphical User Interface (GUI) for Windows and Java that, if successfully exploited, could have enabled attackers to access sensitive information under certain conditions. The vulnerabilities, tracked as CVE-2025-0055 and CVE-2025-0056 (CVSS scores: 6.0), were patched by SAP as part of its monthly updates for JanuaryRead…
-
Authorization sprawl: Attacking modern access models
Attackers exploit authorization sprawl by using legitimate credentials and SSO tokens to move between systems, bypassing security controls and deploying ransomware undetected.Read More
-
Ransomware threat actors today and how to thwart them
Top experts convened on BrightTALK’s ‘CISO Insights’ to discuss ‘Ransomware 3.0’ — the current threat and what organizations, large and small, must do to thwart these bad actors.Read More
-
6 edge monitoring best practices in the cloud
When it comes to application monitoring, edge workloads are outliers — literally and metaphorically. Learn what sets them apart and how to implement monitoring best practices.Read More
-
Pro-Iranian Hacktivist Group Leaks Personal Records from the 2024 Saudi Games [email protected] (The Hacker News)
Thousands of personal records allegedly linked to athletes and visitors of the Saudi Games have been published online by a pro-Iranian hacktivist group called Cyber Fattah. Cybersecurity company Resecurity said the breach was announced on Telegram on June 22, 2025, in the form of SQL database dumps, characterizing it as an information operation “carried out…
-
Beware the Hidden Risk in Your Entra Environment [email protected] (The Hacker News)
If you invite guest users into your Entra ID tenant, you may be opening yourself up to a surprising risk. A gap in access control in Microsoft Entra’s subscription handling is allowing guest users to create and transfer subscriptions into the tenant they are invited into, while maintaining full ownership of them. All the guest…
-
What is single sign-on (SSO)?
Single sign-on (SSO) is a session and user authentication service that lets users access multiple applications or systems with a single set of login credentials.Read More
-
10 remote work cybersecurity risks and how to prevent them
Larger attack surfaces, limited oversight of data use, AI-driven attacks and vulnerable enterprise technologies are among the security risks faced in remote work environments.Read More
-
SonicWall NetExtender Trojan and ConnectWise Exploits Used in Remote Access Attacks [email protected] (The Hacker News)
Unknown threat actors have been distributing a trojanized version of SonicWall’s SSL VPN NetExtender application to steal credentials from unsuspecting users who may have installed it. “NetExtender enables remote users to securely connect and run applications on the company network,” SonicWall researcher Sravan Ganachari said. “Users can upload and download files, access network drives, and…
-
North Korea-linked Supply Chain Attack Targets Developers with 35 Malicious npm Packages [email protected] (The Hacker News)
Cybersecurity researchers have uncovered a fresh batch of malicious npm packages linked to the ongoing Contagious Interview operation originating from North Korea. According to Socket, the ongoing supply chain attack involves 35 malicious packages that were uploaded from 24 npm accounts. These packages have been collectively downloaded over 4,000 times. The complete list of the…