Flash Notices

Flash Notice: Attackers Abuse Velociraptor - Open-Source Tool Used in Targeted Ransomware Campaigns

Cisco Talos has confirmed that ransomware operators are weaponizing Velociraptor, an open-source DFIR tool, to aid in the deployment of ransomware attacks.

Flash Notice: Google Salesforce Breach - An In-Depth Analysis of UNC6040's Extortion Campaign

In June 2025, Google’s internal Salesforce instance, used for managing SMB data, was breached in a cyberattack orchestrated by the UNC6040 threat group.

Flash Notice: AI vs. AI - Microsoft’s Battle Against AI-Obfuscated Phishing Campaigns

Microsoft Threat Intelligence recently shut down a credential phishing campaign employing AI to obfuscate attack payloads and evade conventional defenses.

Flash Notice: Google Releases Patch for Actively Exploited Chrome Zero-Day

Google has urgently released a security update to address a critical zero-day vulnerability (CVE-2025-10585) in its Chrome web browser.

Flash Notice: Hackers Hijack NPM Packages - Multi-Billion Weekly Downloads Targeted in Supply Chain Attack

A major software supply chain attack has shaken the open-source JavaScript ecosystem, as attackers hijacked several high-profile npm packages.

Flash Notice: Critical Memory Overflow in Citrix NetScaler ADC & Gateway

CVE-2025-7775 is a critical memory overflow vulnerability in Citrix NetScaler ADC and NetScaler Gateway that enables unauthenticated RCE and/or DoS.

Flash Notice: Critical Unauthenticated RCE in Microsoft SharePoint Server

CVE-2025-53770 is a critical unauthenticated remote code execution (RCE) vulnerability affecting on-premises Microsoft SharePoint Server deployments.

Flash Notice: WordPress Review Plugin Local File Inclusion

CVE-2025-2158 is a high-severity LFI vulnerability affecting the WordPress Review Plugin: The Ultimate Solution for Building a Review Website.

Flash Notice: Azure Information Disclosure Vulnerability

CVE-2025-33072 is a high-severity information disclosure vulnerability in Microsoft Azure resulting from improper access control on a web service endpoint.

Flash Notice: Azure Automation Privilege Elevation Vulnerability

CVE-2025-29827 is a critical vulnerability affecting Microsoft's Azure Automation service.

Prev 1 2 3 4 5 Next