Windows Server Update Services (WSUS) vulnerability abused to harvest sensitive data
Exploitation of CVE-2025-59287 began after public disclosure and the release of proof-of-concept code
Details have emerged about a now-patched security vulnerability in a widely used third-party Android software development kit (SDK) called EngageLab SDK that could have put millions of cryptocurrency wallet users at risk. “This flaw allows apps on the same device to bypass Android security sandbox and gain unauthorized access to private data,” the Microsoft Defender
If you invite guest users into your Entra ID tenant, you may be opening yourself up to a surprising risk. A gap in access control in Microsoft Entra’s subscription handling is allowing guest users to create and transfer subscriptions into the tenant they are invited into, while maintaining full ownership of them. All the guest…
At Sophos, we’re proud to champion the next generation of women in tech by creating early opportunities, fostering confidence, and supporting inclusive initiatives that empower girls to explore and thrive in technology.
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has urged government agencies to apply patches for two security flaws impacting Synacor Zimbra Collaboration Suite (ZCS) and Microsoft Office SharePoint, stating they have been actively exploited in the wild. The vulnerabilities in question are as follows – CVE-2025-66376 (CVSS score: 7.2) – A stored cross-site scripting
The government continues to enforce contractors’ obligations to adhere to cybersecurity standards in their Department of Defense (DoD, now Department of War) contracts. A press release today reveals another enforcement action: Georgia Tech Research Corporation (GTRC) has agreed to pay the United States $875,000 to resolve allegations that it violated the False Claims Act and federal common…
From Europol: A high-value cybercrime suspect has been added to the EU Most Wanted list. The individual, a Ukrainian national, is believed to be a leading figure in an organised crime network responsible for the 2019 ransomware attack against a major Norwegian aluminium company, as well as a series of other global cyber-attacks. The fugitive is…