News

Sophos MDR: New analyst response actions for Microsoft 365

Bys s May 15, 2025

Powerful new capabilities enable Sophos MDR analysts to respond to M365 attacks on your behalf.

News

Defense Giant General Dynamics Says Employees Targeted in Phishing Attack
By December 26, 2024

General Dynamics says several benefits accounts were hacked after threat actors targeted employees in a phishing campaign. The post Defense Giant General Dynamics Says Employees Targeted in Phishing Attack appeared first on SecurityWeek.

Read More Defense Giant General Dynamics Says Employees Targeted in Phishing Attack
News

MuddyWater Targets MENA Organizations with GhostFetch, CHAR, and HTTP_VIP
Bys s February 23, 2026

The Iranian hacking group known as MuddyWater (aka Earth Vetala, Mango Sandstorm, and MUDDYCOAST) has targeted several organizations and individuals mainly located across the Middle East and North Africa (MENA) region as part of a new campaign codenamed Operation Olalampo. The activity, first observed on January 26, 2026, has resulted in the deployment of new…

Read More MuddyWater Targets MENA Organizations with GhostFetch, CHAR, and HTTP_VIP
News

Fortinet Confirms Active FortiCloud SSO Bypass on Fully Patched FortiGate Firewalls
Bys s January 23, 2026

Fortinet has officially confirmed that it’s working to completely plug a FortiCloud SSO authentication bypass vulnerability following reports of fresh exploitation activity on fully-patched firewalls. “In the last 24 hours, we have identified a number of cases where the exploit was to a device that had been fully upgraded to the latest release at the…

Read More Fortinet Confirms Active FortiCloud SSO Bypass on Fully Patched FortiGate Firewalls
News

XWorm 6.0 Returns with 35+ Plugins and Enhanced Data Theft Capabilities
Bys s October 7, 2025

Cybersecurity researchers have charted the evolution of XWorm malware, turning it into a versatile tool for supporting a wide range of malicious actions on compromised hosts. “XWorm’s modular design is built around a core client and an array of specialized components known as plugins,” Trellix researchers Niranjan Hegde and Sijo Jacob said in an analysis…

Read More XWorm 6.0 Returns with 35+ Plugins and Enhanced Data Theft Capabilities
News

Cisco Warns of CVSS 10.0 FMC RADIUS Flaw Allowing Remote Code Execution
Bys s August 15, 2025

Cisco has released security updates to address a maximum-severity security flaw in Secure Firewall Management Center (FMC) Software that could allow an attacker to execute arbitrary code on affected systems. The vulnerability, assigned the CVE identifier CVE-2025-20265 (CVSS score: 10.0), affects the RADIUS subsystem implementation that could permit an unauthenticated, remote attacker to inject

Read More Cisco Warns of CVSS 10.0 FMC RADIUS Flaw Allowing Remote Code Execution
News

SolarWinds Web Help Desk Exploited for RCE in Multi-Stage Attacks on Exposed Servers
Bys s February 9, 2026

Microsoft has revealed that it observed a multi‑stage intrusion that involved the threat actors exploiting internet‑exposed SolarWinds Web Help Desk (WHD) instances to obtain initial access and move laterally across the organization’s network to other high-value assets. That said, the Microsoft Defender Security Research Team said it’s not clear whether the activity weaponized recently

Read More SolarWinds Web Help Desk Exploited for RCE in Multi-Stage Attacks on Exposed Servers

Similar Posts