News

From inbox clutter to costly compromise: Why email threats still matter

Bys s October 20, 2025

Email-based attacks aren’t relics of the past. They’re active, sophisticated, and increasingly lucrative for attackers.

News

Apple Tests End-to-End Encrypted RCS Messaging in iOS 26.4 Developer Beta
Bys s February 17, 2026

Apple on Monday released a new developer beta of iOS and iPadOS with support for end-to-end encryption (E2EE) in Rich Communications Services (RCS) messages. The feature is currently available for testing in iOS and iPadOS 26.4 Beta, and is expected to be shipped to customers in a future update for iOS, iPadOS, macOS, and watchOS….

Read More Apple Tests End-to-End Encrypted RCS Messaging in iOS 26.4 Developer Beta
News

Fortinet, Ivanti, and SAP Issue Urgent Patches for Authentication and Code Execution Flaws
Bys s December 9, 2025

Fortinet, Ivanti, and SAP have moved to address critical security flaws in their products that, if successfully exploited, could result in an authentication bypass and code execution. The Fortinet vulnerabilities affect FortiOS, FortiWeb, FortiProxy, and FortiSwitchManager and relate to a case of improper verification of a cryptographic signature. They are tracked as CVE-2025-59718 and

Read More Fortinet, Ivanti, and SAP Issue Urgent Patches for Authentication and Code Execution Flaws
News

HHS Office for Civil Rights Settles 9th Ransomware Investigation with Virtual Private Network Solutions
Bys s January 8, 2025

HHS OCR announced another settlement that is their ninth ransomware investigation and their third settlement as part of their Risk Analysis Initiative. This one stems from a breach by VPN Solutions that was previously reported on this site: Today, the U.S. Department of Health and Human Services (HHS), Office for Civil Rights (OCR) announced a…

Read More HHS Office for Civil Rights Settles 9th Ransomware Investigation with Virtual Private Network Solutions
News

Your SaaS Data Isn’t Safe: Why Traditional DLP Solutions Fail in the Browser Era
Bys s June 4, 2025

Traditional data leakage prevention (DLP) tools aren’t keeping pace with the realities of how modern businesses use SaaS applications. Companies today rely heavily on SaaS platforms like Google Workspace, Salesforce, Slack, and generative AI tools, significantly altering the way sensitive information is handled. In these environments, data rarely appears as traditional files or crosses networks

Read More Your SaaS Data Isn’t Safe: Why Traditional DLP Solutions Fail in the Browser Era
News

Four Threat Clusters Using CastleLoader as GrayBravo Expands Its Malware Service Infrastructure
Bys s December 9, 2025

Four distinct threat activity clusters have been observed leveraging a malware loader known as CastleLoader, strengthening the previous assessment that the tool is offered to other threat actors under a malware-as-a-service (MaaS) model. The threat actor behind CastleLoader has been assigned the name GrayBravo by Recorded Future’s Insikt Group, which was previously tracking it as…

Read More Four Threat Clusters Using CastleLoader as GrayBravo Expands Its Malware Service Infrastructure
News

CISA Adds Citrix NetScaler CVE-2025-5777 to KEV Catalog as Active Exploits Target Enterprises
Bys s July 11, 2025

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Thursday added a critical security flaw impacting Citrix NetScaler ADC and Gateway to its Known Exploited Vulnerabilities (KEV) catalog, officially confirming the vulnerability has been weaponized in the wild. The shortcoming in question is CVE-2025-5777 (CVSS score: 9.3), an instance of insufficient input validation that

Read More CISA Adds Citrix NetScaler CVE-2025-5777 to KEV Catalog as Active Exploits Target Enterprises

Similar Posts