Google fix for active Chrome zero-day

Google rushes out fix for active Chrome zero-day

CVE-2025-6554 – a critical vulnerability in Chrome’s V8 engine – is being exploited right now, so Google has released an out-of-band patch.

What happened?
• A type-confusion bug lets an attacker craft a web page that reads or writes arbitrary memory, paving the way for full code […]

Hidden threats in normal traffic

Why “Innocent” Network Traffic May Be Your Biggest Cyber Risk

Threat actors increasingly disguise malicious activity as normal network traffic: 80% of attacks in CrowdStrike’s 2025 report were “malware-free,” relying on credential theft, DLL hijacking and other living-off-the-land tactics. Traditional edge devices and EDR miss much of this traffic—Verizon notes breaches via VPNs and […]

Zero-day spree hits Ivanti gateways

Chinese hackers weaponise new Ivanti CSA bugs to hit French public and private sector

Chinese threat group “Houken” (overlapping Google Mandiant’s UNC5174) exploited three zero-day flaws in Ivanti Cloud Services Appliance (CSA) – CVE-2024-8963, CVE-2024-9380 and CVE-2024-8190 – to breach French government, telecoms, media, finance and transport bodies in September 2024. According to France’s cyber-security […]

Hidden weaknesses in AI SOC tools

The hidden weaknesses in AI SOC tools

AI-driven Security Operations Centre (SOC) platforms promise faster triage and fewer false alarms, yet most depend on pre-trained models that only recognise a narrow set of threats. These fixed models can’t keep up with today’s constantly shifting alert landscape, forcing analysts back to manual work whenever an unfamiliar […]

Sudo privilege-escalation double punch

Critical Sudo Bugs Hand Attackers Root Access – Patch Now

Security researchers have uncovered two flaws in the ubiquitous Sudo utility that let any local user on vulnerable Linux and Unix-like systems gain root.
• CVE-2025-32462 (CVSS 2.8) – a 12-year-old bug in the -h host option lets commands permitted for a different host run […]

Stop using factory passwords

Iranian attackers recently manipulated a small U.S. water-treatment station simply by logging in with the factory-set password “1111”. The incident led CISA to repeat years-old advice: default credentials remain one of the most abused weaknesses in operational-technology (OT) and IoT environments. Default passwords survive because they simplify initial set-up and bulk provisioning, yet they invite […]

Critical Veeam Backup Vulnerability

Veeam rushes out fix for critical backup flaw

Veeam has issued updates for Backup & Replication after researchers from CODE WHITE and watchTowr disclosed CVE-2025-23121, a remote-code-execution bug scored 9.9/10.0 on the CVSS scale. The flaw affects every Version 12 build up to 12.3.1.1139 and lets an authenticated Windows domain user run arbitrary code on […]

Linux flaws let local users grab root

New Linux Bugs Give Attackers Instant Root – Patch Now

Security firm Qualys has revealed two local-privilege-escalation bugs that, when chained, let any logged-in user on most Linux distributions become root in seconds.
• CVE-2025-6018 sits in the PAM configuration shipped with openSUSE Leap 15 and SUSE Linux Enterprise 15, allowing a normal user to […]

Russian Hackers Beat Gmail 2FA with App Passwords

Russian Hackers Use Gmail App Passwords to Beat 2FA

Russian state-linked group APT29 (UNC6293) is using Google “application-specific passwords” (ASPs) to sidestep two-factor authentication on Gmail accounts. Posing as U.S. State Department officials, the attackers court academics and Kremlin critics over several weeks, then send a PDF instructing victims to generate a 16-digit ASP and […]
