March 23, 2025 A major security flaw in Synology's DiskStation Manager (DSM) software could allow remote attackers to take full control of affected systems—no user interaction required. Synology, a leading provider of network-attached storage (NAS) systems used by more...
March 23, 2025 A sophisticated cyberattack technique known as Browser-in-the-Middle (BitM) has emerged, enabling hackers to bypass multi-factor authentication (MFA) and hijack user sessions within seconds. This method exploits web browser functionalities to intercept authenticated sessions, posing a more...
March 23, 2025 A significant security breach has compromised Oracle Cloud's infrastructure, exposing approximately 6 million records and placing over 140,000 businesses at risk. Cybersecurity firm CloudSEK identified the breach on March 21, 2025, attributing it to a more...
March 23, 2025 Recent operational upheavals within the Cybersecurity and Infrastructure Security Agency's (CISA) Red Team are prompting serious concerns about the robustness of U.S. cyber defenses. The Red Team, tasked with simulating cyberattacks to identify vulnerabilities in more...
March 22, 2025 In this episode of 'Cybersecurity Today,' host Jim Love discusses the alarming ease of hacking into school systems and the serious implications it holds. Jim is joined by Randy Rose, VP of Security Operations and more...
March 18, 2025 A server-side request forgery (SSRF) vulnerability in OpenAI's ChatGPT infrastructure, tracked as CVE-2024-27564, is being actively exploited by attackers to redirect users to malicious URLs, placing organizations at significant risk. Researchers from cybersecurity firm Veriti more...
March 18, 2025 Cybersecurity company Malwarebytes is urging internet users to exercise caution when seeking free online file conversion tools, warning that some of these services are embedding malware into their downloads. The cybersecurity firm’s latest research, published more...
March 18, 2025 The Akira ransomware group emerged in 2023 with a mix of dark humour and ruthless tactics, famously requesting ransom payments in 125 thousand worth of French baguettes but they soon became a more serious threat. more...
March 16, 2025 Court documents reveal that Marko Elez, a staff member of the Department of Government Efficiency (DOGE), breached Treasury Department protocols by emailing unencrypted personal information to officials at the General Services Administration (GSA). The spreadsheet more...
March 16, 2025 A significant security vulnerability has been identified in the UpdraftPlus plugin, a widely used backup solution for WordPress websites. This flaw potentially allows unauthorized users to access sensitive backup files, posing substantial risks to affected more...
