SecurityWeek21m
Chinese APT Pounces on Misdiagnosed RCE in Ivanti VPN Appliances
Ivanti misdiagnoses a remote code execution vulnerability and Mandiant reports that Chinese hackers are launching in-the-wild exploits.
SecurityWeek1h
Halo ITSM Vulnerability Exposed Organizations to Remote Hacking
An unauthenticated SQL injection vulnerability in Halo ITSM could have been exploited to read, modify, or insert data.
SecurityWeek4h
Hunters International Ransomware Gang Rebranding, Shifting Focus
The notorious cybercrime group Hunters International is dropping ransomware to focus on data theft and extortion.
SecurityWeek5h
Cybersecurity M&A Roundup: 23 Deals Announced in March 2025
Less than two dozen cybersecurity merger and acquisition (M&A) deals were announced by security firms in March 2025.
SecurityWeek6h
39 Million Secrets Leaked on GitHub in 2024
GitHub has announced new capabilities to help organizations and developers keep secrets in their code protected.
SecurityWeek6h
Details Emerge on CVE Controversy Around Exploited CrushFTP Vulnerability
Two CVEs now exist for an actively exploited CrushFTP vulnerability and much of the security industry is using the ‘wrong one ...
SecurityWeek7h
Vulnerabilities Expose Cisco Meraki and ECE Products to DoS Attacks
Cisco fixes two high-severity denial-of-service vulnerabilities in Meraki devices and Enterprise Chat and Email.
SecurityWeek8h
Google Released Second Fix for Quick Share Flaws After Patch Bypass
Google’s patches for Quick Share for Windows vulnerabilities leading to remote code execution were incomplete and could be easily bypassed.