News

Cisco warns of max severity RCE flaws in Identity Services Engine
Cisco has published a bulletin to warn about two critical, unauthenticated remote code execution (RCE) vulnerabilities ...
Man pleads guilty to hacking networks to pitch security services
A Kansas City man has pleaded guilty to hacking multiple organizations to advertise his cybersecurity services, the U.S.
Microsoft 365 'Direct Send' abused to send phishing as internal users
An ongoing phishing campaign abuses a little‑known feature in Microsoft 365 called "Direct Send" to evade detection by email ...
Microsoft fixes Outlook bug causing crashes when opening emails
Microsoft has fixed a known issue that will cause the classic Outlook email client to crash when opening emails or starting a ...
CISA: AMI MegaRAC bug enabling server hijacks exploited in attacks
CISA says a maximum severity vulnerability in AMI's MegaRAC Baseboard Management Controller (BMC) software, which enables ...
Microsoft confirms Family Safety blocks Google Chrome from launching
Microsoft has confirmed that its Family Safety parental control service is blocking users from launching Google Chrome and ...
Hackers turn ScreenConnect into malware using Authenticode stuffing
Threat actors are abusing the ConnectWise ScreenConnect installer to build signed remote access malware by modifying hidden ...
3 key takeaways from the Scattered Spider attacks on insurance firms
Identity is the new battleground—and Scattered Spider exploits it. Join Push Security to unpack how identity-based attacks are reshaping the threat landscape, and how to defend against MFA bypass, ...
Hackers abuse Microsoft ClickOnce and AWS services for stealthy attacks
A sophisticated malicious campaign that researchers call OneClik has been leveraging Microsoft's ClickOnce software ...
Google releases Gemini CLI with free Gemini 2.5 Pro
Google has released Gemini 2.5 Pro-powered Gemini CLI, which allows you to use Gemini inside your terminal, including Windows ...
Citrix warns of NetScaler vulnerability exploited in DoS attacks
Citrix is warning that a vulnerability in NetScaler appliances tracked as CVE-2025-6543 is being actively exploited in the ...
New wave of ‘fake interviews’ use 35 npm packages to spread malware
A new wave of North Korea's 'Contagious Interview' campaign is targeting job seekers with malicious npm packages that infect ...