Blog

Blog

Urgent: China-Linked Hackers Exploit New VMware Zero-Day Since October 2024

A newly patched security flaw impacting Broadcom VMware Tools and VMware Aria Operations has been exploited in the wild as a zero-day since mid-October 2024 by a threat actor called UNC5174, according to NVISO Labs. The vulnerability in question is CVE-2025-41244 (CVSS score: 7.8), a local privilege escalation bug affecting the following versions – VMware…

Blog

‘Trifecta’ of Google Gemini Flaws Turn AI Into Attack Vehicle

Flaws in individual models of Google’s AI suite created significant security and privacy risks for users, demonstrating the need for heightened defenses.

Blog

Report: Addressing cybersecurity burnout in 2025

The consequences of this burnout are far-reaching, affecting productivity, incident response times, and employee retention.

Blog

New Android Trojan “Datzbro” Tricking Elderly with AI-Generated Facebook Travel Events

Cybersecurity researchers have flagged a previously undocumented Android banking trojan called Datzbro that can conduct device takeover (DTO) attacks and perform fraudulent transactions by preying on the elderly. Dutch mobile security company ThreatFabric said it discovered the campaign in August 2025 after users in Australia reported scammers managing Facebook groups promoting “active senior

Blog

Is your SIEM still serving You? Why it might be time to rethink your security stack

Security teams are under increasing pressure to detect and respond to threats in real time, especially as the median dwell time for ransomware attacks has dropped from weeks to a few days. Yet many organizations still rely on legacy Security Information and Event Management (SIEM) and Security Orchestration, Automation, and Response (SOAR) tools. These tools…

Blog

AI-Powered Voice Cloning Raises Vishing Risks

A researcher-developed framework could enable attackers to conduct real-time conversations using simulated audio to compromise organizations and extract sensitive information.

Blog

CISA Sounds Alarm on Critical Sudo Flaw Actively Exploited in Linux and Unix Systems

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Monday added a critical security flaw impacting the Sudo command-line utility for Linux and Unix-like operating systems to its Known Exploited Vulnerabilities (KEV) catalog, citing evidence of active exploitation in the wild. The vulnerability in question is CVE-2025-32463 (CVSS score: 9.3), which affects Sudo versions prior…

Blog

Urgent: China-Linked Hackers Exploit New VMware Zero-Day Since October 2024

‘Trifecta’ of Google Gemini Flaws Turn AI Into Attack Vehicle

Report: Addressing cybersecurity burnout in 2025

New Android Trojan “Datzbro” Tricking Elderly with AI-Generated Facebook Travel Events

Is your SIEM still serving You? Why it might be time to rethink your security stack

AI-Powered Voice Cloning Raises Vishing Risks

CISA Sounds Alarm on Critical Sudo Flaw Actively Exploited in Linux and Unix Systems

IoT Security Flounders Amid Churning Risk

Sneaky, Malicious MCP Server Exfiltrates Secrets via BCC

Akira Hits SonicWall VPNs in Broad Ransomware Campaign