News

From inbox clutter to costly compromise: Why email threats still matter

Bys s October 20, 2025

Email-based attacks aren’t relics of the past. They’re active, sophisticated, and increasingly lucrative for attackers.

News

Two CVSS 10.0 Bugs in Red Lion RTUs Could Hand Hackers Full Industrial Control
Bys s October 15, 2025

Cybersecurity researchers have disclosed two critical security flaws impacting Red Lion Sixnet remote terminal unit (RTU) products that, if successfully exploited, could result in code execution with the highest privileges. The shortcomings, tracked as CVE-2023-40151 and CVE-2023-42770, are both rated 10.0 on the CVSS scoring system. “The vulnerabilities affect Red Lion SixTRAK and VersaTRAK

Read More Two CVSS 10.0 Bugs in Red Lion RTUs Could Hand Hackers Full Industrial Control
News

Help, please: Seeking copies of the PowerSchool ransom email(s)
Bys s June 11, 2025

Help, please: If anyone has a copy of the ransom note sent to PowerSchool in December 2024 or to PowerSchool clients on or about May 7, 2025, please email me a copy or upload it to me on Signal. I want to see not only the body, but the full header and signature. To reach…

Read More Help, please: Seeking copies of the PowerSchool ransom email(s)
News

New Fluent Bit Flaws Expose Cloud to RCE and Stealthy Infrastructure Intrusions
Bys s November 24, 2025

Cybersecurity researchers have discovered five vulnerabilities in Fluent Bit, an open-source and lightweight telemetry agent, that could be chained to compromise and take over cloud infrastructures. The security defects “allow attackers to bypass authentication, perform path traversal, achieve remote code execution, cause denial-of-service conditions, and manipulate tags,” Oligo Security said in

Read More New Fluent Bit Flaws Expose Cloud to RCE and Stealthy Infrastructure Intrusions
News

US Announces Sanctions Against North Korean Fake IT Worker Network
Bys s January 17, 2025

The US Treasury has sanctioned two individuals and four entities involved in the North Korean fake IT worker scheme. The post US Announces Sanctions Against North Korean Fake IT Worker Network appeared first on SecurityWeek.

Read More US Announces Sanctions Against North Korean Fake IT Worker Network
News

Employees Searching Payroll Portals on Google Tricked Into Sending Paychecks to Hackers
Bys s May 27, 2025

Threat hunters have exposed a novel campaign that makes use of search engine optimization (SEO) poisoning techniques to target employee mobile devices and facilitate payroll fraud. The activity, first detected by ReliaQuest in May 2025 targeting an unnamed customer in the manufacturing sector, is characterized by the use of fake login pages to access the…

Read More Employees Searching Payroll Portals on Google Tricked Into Sending Paychecks to Hackers
News

SEPPMail Secure E-Mail Gateway Vulnerabilities Enable RCE and Mail Traffic Access
Bys s May 19, 2026

Critical security vulnerabilities have been disclosed in SEPPMail Secure E-Mail Gateway, an enterprise-grade email security solution, that could be exploited to achieve remote code execution and enable an attacker to read arbitrary mails from the virtual appliance. “These vulnerabilities could have been exploited to read all mail traffic or as an entry vector into the…

Read More SEPPMail Secure E-Mail Gateway Vulnerabilities Enable RCE and Mail Traffic Access

Similar Posts