‘Lemon Sandstorm’ Underscores Risks to Middle East Infrastructure
The Iranian state-backed group targeted the operational technology of a critical national infrastructure (CNI) network and persisted in its network for years, but ultimately failed.
Cisco Patches CVE-2025-20188 (10.0 CVSS) in IOS XE That Enables Root Exploits via JWT
Cisco has released software fixes to address a maximum-severity security flaw in its IOS XE Wireless Controller that could enable an unauthenticated, remote attacker to upload arbitrary files to a susceptible system. The vulnerability, tracked as CVE-2025-20188, has been rated 10.0 on the CVSS scoring system. “This vulnerability is due to the presence of a…
Ivanti Connect Buffer Overflow Vulnerability
What is the Vulnerability?CVE-2025-22457 is identified as a buffer overflow vulnerability affecting Ivanti Connect Secure, Policy Secure and ZTA Gateways. If successfully exploited, can result in remote code execution. This exploitation poses significant risks, potentially allowing unauthorized remote access to systems.The Google Threat Intelligence Group (GTIG) has linked the exploitation of CVE-2025-22457 and the subsequent…
‘CoGUI’ Phishing Kit Helps Chinese Hackers Target Japan
Japan is being peppered with an overwhelming volume of spam, thanks to a new platform popular across the East China Sea.
TikTok Fined €530 Million Over Chinese Access to EU Data
European regulators sent an unmistakable message about messing around with GDPR-protected data. How can organizations avoid similar compliance hassles?
Meta Wins Lawsuit Against Spyware Vendor NSO Group
The spyware company must pay the tech giant $168 million in punitive and compensatory damages after a 2019 attack targeting 1,400 devices.
Play Ransomware Group Used Windows Zero-Day
Previously, Microsoft reported that Storm-2460 had also used the privilege escalation bug to deploy ransomware on organizations in several countries.
‘Bring Your Own Installer’ Attack Targets SentinelOne EDR
Researchers from Aon’s Stroz Friedberg incident response firm discovered a new attack type, known as “Bring Your Own Installer,” targeting misconfigured SentinelOne EDR installs.
SysAid Patches 4 Critical Flaws Enabling Pre-Auth RCE in On-Premise Version
Cybersecurity researchers have disclosed multiple security flaw in the on-premise version of SysAid IT support software that could be exploited to achieve pre-authenticated remote code execution with elevated privileges. The vulnerabilities, tracked as CVE-2025-2775, CVE-2025-2776, and CVE-2025-2777, have all been described as XML External Entity (XXE) injections, which occur when an attacker is
Reevaluating SSEs: A Technical Gap Analysis of Last-Mile Protection
Security Service Edge (SSE) platforms have become the go-to architecture for securing hybrid work and SaaS access. They promise centralized enforcement, simplified connectivity, and consistent policy control across users and devices. But there’s a problem: they stop short of where the most sensitive user activity actually happens—the browser. This isn’t a small omission. It’s a…