Newest stories
AI and the Future of Cybersecurity Work by Sohrob Kazerounian
2025-11-07T00:00:00ZIn recent years, new studies and institutes have emerged to explore which future jobs will stay huma...
https://www.vectra.ai/blog/ai-and-the-future-of-cybersecurity-workCommvault Command Center: unauthenticated RCE
2025-04-26T02:00:12ZClassification: Important, Solution: Official Fix, Exploit Maturity: Functional, CVSSv3.1: 10.0, CVE...
https://documentation.commvault.com/securityadvisories/CV_2025_04_1.htmlQuantum StorNext GUI: Multiple security vulnerabilities
2025-04-26T02:00:11ZClassification: Important, Solution: Official Fix, Exploit Maturity: Not Defined, CVSSv3.1: 9.9, CVE...
https://www.quantum.com/en/service-support/security-bulletins/stornext-gui-multiple-security-vulnerabilities-stornext-gui-multiple-security-vulnerabilities/An AI-generated radio host in Australia went unnoticed for months
2025-04-26T02:00:10ZFor months, a popular Australian radio station has used an AI-generated DJ to host one of its segmen...
https://www.theverge.com/news/656245/australian-radio-station-ai-dj-workdays-with-thySAP NetWeaver Visual Composer development server: Missing authorization check
2025-04-26T02:00:10ZClassification: Critical, Solution: Not Defined, Exploit Maturity: Not Defined, CVSSv3.1: 10.0, CVEs...
https://nvd.nist.gov/vuln/detail/CVE-2025-31324Earth Kurma APT Campaign Targets Southeast Asian Government, Telecom Sectors
2025-04-26T02:00:09ZAn APT group dubbed Earth Kurma is actively targeting government and telecommunications organization...
https://www.trendmicro.com/en_us/research/25/d/earth-kurma-apt-campaign.htmlReact Router: Pre-render data spoofing on React-Router framework mode
2025-04-26T02:00:09ZClassification: Severe, Solution: Official Fix, Exploit Maturity: Proof-of-Concept, CVSSv3.1: 8.2, C...
https://github.com/remix-run/react-router/security/advisories/GHSA-cpj6-fhp6-mr6jGig-Work Platforms at Risk for Data Breaches, Fraud, Account Takeovers
2025-04-26T02:00:08ZGig-work platforms have become household names, providing everything from meal and grocery delivery ...
https://www.darkreading.com/remote-workforce/gig-worker-platforms-data-breach-fraudh11 accepts some malformed Chunked-Encoding bodies
2025-04-26T02:00:08ZClassification: Low, Solution: Official Fix, Exploit Maturity: Proof-of-Concept, CVSSv3.1: 9.1, CVEs...
https://github.com/python-hyper/h11/security/advisories/GHSA-vqfr-h8mv-ghfjFBI seeks help to unmask Salt Typhoon hackers behind telecom breaches
2025-04-26T02:00:07ZOn Thursday, the FBI issued a public service announcement seeking tips that could help identify and ...
https://www.bleepingcomputer.com/news/security/fbi-seeks-help-to-unmask-salt-typhoon-hackers-behind-telecom-breaches/Moodle: authenticated RCE vulnerabilities
2025-04-26T02:00:07ZClassification: Important, Solution: Official Fix, Exploit Maturity: Not Defined, CVSSv3.1: 8.8, CVE...
https://nvd.nist.gov/vuln/detail/CVE-2025-3641Amid CVE funding fumble, 'we were mushrooms, kept in the dark,' says board member
2025-04-26T02:00:06ZWhat next for US-bankrolled vulnerability tracker? It's edging closer to a more independent, global ...
https://www.theregister.com/2025/04/25/cve_board_funding/Craft CMS: code injection RCE vulnerability
2025-04-26T02:00:06ZClassification: Severe, Solution: Official Fix, Exploit Maturity: Functional, CVSSv3.1: 9.8, CVEs: C...
https://github.com/craftcms/cms/security/advisories/GHSA-f3gw-9ww9-jmc3Various GPT services are vulnerable to "Inception" jailbreak, allows for bypass of safety guardrails
2025-04-26T02:00:05ZTwo systemic jailbreaks, affecting a number of generative AI services, were discovered. These jailbr...
https://kb.cert.org/vuls/id/667211ConnectWise ScreenConnect 25.2.4 Security Patch
2025-04-26T02:00:05ZClassification: Important, Solution: Official Fix, Exploit Maturity: Not Defined, CVSSv3.1: 8.1, CVE...
https://www.connectwise.com/company/trust/security-bulletins/screenconnect-security-patch-2025.4More Ivanti attacks may be on horizon, say experts who are seeing 9x surge in endpoint scans
2025-04-26T02:00:04ZIvanti VPN users should stay alert as IP scanning for the vendor's Connect Secure and Pulse Secure s...
https://www.theregister.com/2025/04/25/more_ivanti_attacks_may_be/SonicOS SSLVPN NULL Pointer Dereference Denial-of-Service (DoS) Vulnerability
2025-04-26T02:00:04ZClassification: Severe, Solution: Official Fix, Exploit Maturity: Not Defined, CVSSv3.0: 7.5, CVEs: ...
https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2025-0009Marks & Spencer pauses online shopping following cyberattack
2025-04-26T02:00:03ZBritish retailer Marks & Spencer (M&S) announced on Friday it is pausing all online shopping...
https://therecord.media/marks-spencer-cyber-pauses-salesSignalgate lessons learned: If creating a culture of security is the goal, America is screwed
2025-04-25T23:58:09ZInfosec is a team sport unless you're in the White House OpinionĀ Just when it seems they couldn't ...
https://go.theregister.com/feed/www.theregister.com/2025/04/25/signalgate_lessons_learned_if_creating/Daily Dose of Dark Web Informer - 25th of April 2025
2025-04-25T23:21:06ZThis daily article is intended to make it easier for those who want to stay updated with my regular ...
https://darkwebinformer.com/daily-dose-of-dark-web-informer-25th-of-april-2025/