News

Sophos AI at Black Hat USA ’25: Anomaly detection betrayed us, so we gave it a new job

Bys s August 7, 2025

Following on from our preview, here’s Ben Gelman and Sean Bergeron’s research on enhancing command line classification with benign anomalous data

News

ThreatsDay Bulletin: Cisco 0-Days, AI Bug Bounties, Crypto Heists, State-Linked Leaks and 20 More Stories
Bys s November 13, 2025

Behind every click, there’s a risk waiting to be tested. A simple ad, email, or link can now hide something dangerous. Hackers are getting smarter, using new tools to sneak past filters and turn trusted systems against us. But security teams are fighting back. They’re building faster defenses, better ways to spot attacks, and stronger…

Read More ThreatsDay Bulletin: Cisco 0-Days, AI Bug Bounties, Crypto Heists, State-Linked Leaks and 20 More Stories
News

HPE OneView Flaw Rated CVSS 10.0 Allows Unauthenticated Remote Code Execution
Bys s December 18, 2025

Hewlett Packard Enterprise (HPE) has resolved a maximum-severity security flaw in OneView Software that, if successfully exploited, could result in remote code execution. The critical vulnerability, assigned the CVE identifier CVE-2025-37164, carries a CVSS score of 10.0. HPE OneView is an IT infrastructure management software that streamlines IT operations and controls all systems via a

Read More HPE OneView Flaw Rated CVSS 10.0 Allows Unauthenticated Remote Code Execution
News

Public Exploit for Chained SAP Flaws Exposes Unpatched Systems to Remote Code Execution
Bys s August 19, 2025

A new exploit combining two critical, now-patched security flaws in SAP NetWeaver has emerged in the wild, putting organizations at risk of system compromise and data theft. The exploit in question chains together CVE-2025-31324 and CVE-2025-42999 to bypass authentication and achieve remote code execution, SAP security company Onapsis said. CVE-2025-31324 (CVSS score: 10.0) – Missing

Read More Public Exploit for Chained SAP Flaws Exposes Unpatched Systems to Remote Code Execution
News

Identity Security Has an Automation Problem—And It’s Bigger Than You Think
Bys s May 22, 2025

For many organizations, identity security appears to be under control. On paper, everything checks out. But new research from Cerby, based on insights from over 500 IT and security leaders, reveals a different reality: too much still depends on people—not systems—to function. In fact, fewer than 4% of security teams have fully automated their core…

Read More Identity Security Has an Automation Problem—And It’s Bigger Than You Think
News

EU sanctions 3 GRU members for cyberattacks against Estonia
Bys s January 27, 2025

ERR News reports: The European Union on Monday (January 27) imposed sanctions on three members of Russia’s military intelligence (GRU), who conducted a cyberattack against Estonia in May 2020. Estonia named the three GRU members – Yuri Denisov, Nikolay Korchagin and Vitali Shevchenko – last autumn after an investigation. It then declared them international fugitives….

Read More EU sanctions 3 GRU members for cyberattacks against Estonia
News

Experts Reports Sharp Increase in Automated Botnet Attacks Targeting PHP Servers and IoT Devices
Bys s October 29, 2025

Cybersecurity researchers are calling attention to a spike in automated attacks targeting PHP servers, IoT devices, and cloud gateways by various botnets such as Mirai, Gafgyt, and Mozi. “These automated campaigns exploit known CVE vulnerabilities and cloud misconfigurations to gain control over exposed systems and expand botnet networks,” the Qualys Threat Research Unit (TRU) said…

Read More Experts Reports Sharp Increase in Automated Botnet Attacks Targeting PHP Servers and IoT Devices

Similar Posts