SAP patches critical NetWeaver bugs (CVSS up to 10). Time to patch, not panic. SAP has released September patches addressing multiple flaws, including three critical issues in SAP NetWeaver (CVSS scores up to 10.0) that could allow code execution, arbitrary file upload, or unauthorised access—one via the RMI-P4 module. A high-severity bug in SAP S/4HANA […]
Salty2FA: the phishing kit that pinches your codes (not your chips) Researchers at ANY.RUN have identified Salty2FA, a phishing-as-a-service kit used across the US and EU that steals credentials and bypasses 2FA (including push, SMS and voice). Campaigns ramped up from June 2025 and target sectors such as finance, energy, telecoms, healthcare and government. A […]
Microsoft Patch Tuesday (September 2025): 80 fixes, one very nosey SMB bug Microsoft’s September 2025 Patch Tuesday fixes 80 vulnerabilities: 8 Critical and 72 Important. None are known to be exploited, but one flaw was publicly disclosed before patching: CVE-2025-55234 in Windows SMB, which can enable relay attacks leading to privilege escalation if SMB signing/EPA […]
AsyncRAT rides ScreenConnect: what’s going on? Researchers detail a campaign abusing ConnectWise ScreenConnect to deploy AsyncRAT and pinch credentials and crypto. Attackers either hijack a ScreenConnect session or lure victims with trojanised installers in phishing emails. Once in, they run a layered VBScript + PowerShell loader that fetches two payloads (“logs.ldk” and “logs.ldr”), sets up […]
FBI warning: crime rings are nicking your Salesforce data The FBI has issued a flash alert about two financially motivated threat clusters, UNC6395 and UNC6040, actively raiding Salesforce environments for data theft and extortion. UNC6395 piggy-backed on the Salesloft Drift incident by abusing compromised OAuth tokens, a breach Salesloft links to an earlier GitHub account […]
HybridPetya: the ransomware that slips past Secure Boot Security researchers (ESET) have analysed a new ransomware strain dubbed HybridPetya, which echoes Petya/NotPetya but adds a modern twist: it can bypass UEFI Secure Boot using a now-patched flaw (CVE-2024-7344) in a UEFI component. Samples appeared on VirusTotal in February 2025. HybridPetya works via an installer + […]
Automation is redefining pentesting (and yes, it’s about time) While penetration testing remains essential, the delivery of results hasn’t kept pace. Many teams still receive long, static PDFs and then manually copy findings into tools like Jira or ServiceNow—adding delays and eroding value. It promotes automated pentest delivery: streaming findings in real time into the […]
Citrix rushes fixes for three NetScaler bugs — one’s already being exploited Citrix has released patches for three security flaws in NetScaler ADC and NetScaler Gateway. One of them—CVE-2025-7775 (CVSS 9.2)—is already being actively exploited. The others are CVE-2025-7776 (CVSS 8.8) and CVE-2025-8424 (CVSS 8.7). • 7775/7776 are memory overflow bugs that can lead to […]
Salt Typhoon: edge devices in the firing line “Salt Typhoon,” a China-linked APT, has been exploiting vulnerabilities in edge network devices (notably from Cisco, Ivanti and Palo Alto Networks) to break into organisations worldwide—around 600 victims across 80 countries, including the UK. Initial access involves known CVEs (e.g., Cisco IOS XE and Smart Install flaws, […]
