Strengthening cyber resilience: Introducing Internal Attack Surface Management (IASM) for Sophos Managed Risk
Enhanced vulnerability management delivered as a managed service.
Similar Posts
Researcher Uncovers Critical Flaws in Multiple Versions of Ivanti Endpoint Manager
Bys sIvanti has rolled out security updates to address several security flaws impacting Avalanche, Application Control Engine, and Endpoint Manager (EPM), including four critical bugs that could lead to information disclosure. All the four critical security flaws, rated 9.8 out of 10.0 on the CVSS scale, are rooted in EPM, and concern absolute path traversal flaws…
Hackers steal patient and billing data from German hospitals via third-party provider
Bys sDaryna Antoniuk reports: German university hospitals are grappling with a large-scale patient data breach after unknown hackers targeted an external billing service provider used by medical centers across the country, according to statements from several affected medical institutions. The attack reportedly hit Unimed, a company that handles billing services for privately insured and self-paying patients on behalf……
From Silos to Synergy: Transforming Threat Intelligence Sharing in 2025
Bys sIn the face of ever-growing threats and adversaries, organizations must break down the silos between ALL teams involved in security. The post From Silos to Synergy: Transforming Threat Intelligence Sharing in 2025 appeared first on SecurityWeek.
FBI Warns North Korean Hackers Using Malicious QR Codes in Spear-Phishing
Bys sThe U.S. Federal Bureau of Investigation (FBI) on Thursday released an advisory warning of North Korean state-sponsored threat actors leveraging malicious QR codes in spear-phishing campaigns targeting entities in the country. “As of 2025, Kimsuky actors have targeted think tanks, academic institutions, and both U.S. and foreign government entities with embedded malicious Quick Response (QR)
New Flodrix Botnet Variant Exploits Langflow AI Server RCE Bug to Launch DDoS Attacks
Bys sCybersecurity researchers have called attention to a new campaign that’s actively exploiting a recently disclosed critical security flaw in Langflow to deliver the Flodrix botnet malware. “Attackers use the vulnerability to execute downloader scripts on compromised Langflow servers, which in turn fetch and install the Flodrix malware,” Trend Micro researchers Aliakbar Zahravi, Ahmed Mohamed
CISA Adds Gladinet and CWP Flaws to KEV Catalog Amid Active Exploitation Evidence
Bys sThe U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Tuesday added two security flaws impacting Gladinet and Control Web Panel (CWP) to its Known Exploited Vulnerabilities (KEV) catalog, citing evidence of active exploitation in the wild. The vulnerabilities in question are listed below – CVE-2025-11371 (CVSS score: 7.5) – A vulnerability in files or directories…