The Wild West of Shadow IT: Why Your Staff Are Installing Trouble at the Click of a Button The CyberWhite article The Wild West of Shadow IT warns that employees now adopt SaaS and AI tools faster than security teams can vet them, creating a sprawl of unapproved apps, OAuth tokens and embedded AI that […]
How to Stop a Sneaky Man-in-the-Middle The CyberWhite guide explains how man-in-the-middle (MITM) attacks let crooks slip between users and online services to pinch log-ins, card details and other goodies. It recaps headline-grabbing examples (Equifax, Lenovo Superfish, DigiNotar) and outlines favourite tactics: rogue public-Wi-Fi, mDNS/DNS spoofing, ARP games and look-alike access points. Defence boils down […]
HPE’s Wi‑Fi Kit Gets a Nasty Surprise: Hard‑Coded Passwords Hewlett‑Packard Enterprise (HPE) has patched two nasty bugs in its Instant On wireless access‑points. The worst, CVE‑2025‑37103 (CVSS 9.8), comes from hard‑coded admin credentials that let anyone waltz straight past the login screen. A second flaw, CVE‑2025‑37102 (CVSS 7.2), allows command injection once you’re signed in. Chained together, the pair […]
Patch your SharePoint, or it’ll patch you Microsoft has rushed out emergency patches for CVE‑2025‑53770, a critical (CVSS 9.8) remote‑code‑execution flaw in on‑premises SharePoint Server. The bug, triggered by unsafe deserialisation in the machineAccountCheck function, is already being weaponised in the wild—at least 54 organisations have been hit, including banks, universities and government bodies. A related spoofing […]
Hackers Turn GitHub into a Free Malware Hotel Researchers have spotted cyber‑crooks abusing public GitHub repositories as free, trustworthy‑looking hosting for malware. The gang, nicknamed “GrokRAT” by Trend Micro, uploads innocent‑looking projects that actually hide an encrypted Remote‑Access Trojan. Victims receive a phishing email with a link to the repo’s raw file; a PowerShell one‑liner […]
Patch your Apache before it mines crypto on your behalf Security researchers have spotted active exploitation of a new Apache HTTP Server bug, CVE‑2025‑31925 (CVSS 9.4). The flaw lives in the mod_proxy_uwsgi module: a single malicious request can trigger a buffer overflow and lets an attacker run commands with the same privileges as Apache. Threat […]
Patch Your Browser, Save Your Bacon – Google’s Latest Zero‑Day Fix Google has rushed out Chrome version 138.0.7204.157/158 to patch six flaws, headlined by CVE‑2025‑6558 (CVSS 8.8). The bug lives in ANGLE/GPU code and lets a malicious web page break out of Chrome’s sandbox—a handy stepping‑stone to full system compromise. Google’s Threat Analysis Group spotted the exploit […]
“Golden DMSA” – Windows gets its own Wonka ticket for hackers Security researchers have uncovered a new Windows privilege‑escalation trick dubbed “Golden DMSA.” The technique abuses the Digital Media Streaming Authentication (DMSA) protocol baked into every modern version of Windows. By replaying a single network handshake, an attacker can mint a “golden” DMSA token that Windows happily […]
UNC6148: The Crew That Keeps Sneaking Back Into “Fully Patched” SonicWall Boxes Google’s Threat Intelligence Group (GTIG) has linked a campaign against fully-patched yet end-of-life SonicWall SMA 100 series remote-access appliances to a threat cluster it tracks as UNC6148. The attackers are re-entering appliances by using stolen administrator credentials and one-time-password (OTP) seeds lifted during […]
