Sophos Firewall v22 is now available
Secure by Design.
Similar Posts
Viral ‘Quittr’ Porn Addiction App Exposed the Masturbation Habits of Hundreds of Thousands of Users
Bys sEmanuel Maiberg reports: Quittr, an app that promises to help men stop watching pornography, leaked intimate data on hundreds of thousands of its users, including their masturbation habits, and lied about its security issues, 404 Media can now reveal. I first reported about Quittr exposing user data in January, but was unable to name Quittr in……
New Research Reveals: 95% of AppSec Fixes Don’t Reduce Risk
Bys sFor over a decade, application security teams have faced a brutal irony: the more advanced the detection tools became, the less useful their results proved to be. As alerts from static analysis tools, scanners, and CVE databases surged, the promise of better security grew more distant. In its place, a new reality took hold—one defined…
18-Year-Old NGINX Rewrite Module Flaw Enables Unauthenticated RCE
Bys sCybersecurity researchers have disclosed multiple security vulnerabilities impacting NGINX Plus and NGINX Open, including a critical flaw that remained undetected for 18 years. The vulnerability, discovered by depthfirst, is a heap buffer overflow issue impacting ngx_http_rewrite_module (CVE-2026-42945, CVSS v4 score: 9.2) that could allow an attacker to achieve remote code execution or cause a
Ukrainian National Extradited from Spain to Face Conspiracy to Use Ransomware Charge
Bys sA press release from the Department of Justice Defendant Allegedly Took Part in Global Ransomware Scheme Using “Nefilim” Ransomware Strain Thursday, May 1, 2025 Earlier today, in federal court in Brooklyn, a superseding indictment was unsealed charging Artem Stryzhak with conspiracy to commit fraud and related activity, including extortion, in connection with computers, for his…
⚡ Weekly Recap: APT Campaigns, Browser Hijacks, AI Malware, Cloud Breaches and Critical CVEs
Bys sCyber threats don’t show up one at a time anymore. They’re layered, planned, and often stay hidden until it’s too late. For cybersecurity teams, the key isn’t just reacting to alerts—it’s spotting early signs of trouble before they become real threats. This update is designed to deliver clear, accurate insights based on real patterns and…
New “Brash” Exploit Crashes Chromium Browsers Instantly with a Single Malicious URL
Bys sA severe vulnerability disclosed in Chromium’s Blink rendering engine can be exploited to crash many Chromium-based browsers within a few seconds. Security researcher Jose Pino, who disclosed details of the flaw, has codenamed it Brash. “It allows any Chromium browser to collapse in 15-60 seconds by exploiting an architectural flaw in how certain DOM operations…