News

Industrial-strength April Patch Tuesday covers 135 CVEs

Bys s April 9, 2025

One actively exploited issue patched; five Critical-severity Office vulns exploitable via Preview Pane

News

CISA Adds Two N-able N-central Flaws to Known Exploited Vulnerabilities Catalog
Bys s August 13, 2025

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Wednesday added two security flaws impacting N-able N-central to its Known Exploited Vulnerabilities (KEV) catalog, citing evidence of active exploitation. N-able N-central is a Remote Monitoring and Management (RMM) platform designed for Managed Service Providers (MSPs), allowing customers to efficiently manage and secure

Read More CISA Adds Two N-able N-central Flaws to Known Exploited Vulnerabilities Catalog
News

Huge Fines Imposed by Thailand’s PDPC: A Major Alert on Data Privacy Violations (Thailand)
Bys s August 30, 2025

Shunsuke Minowa and Poonyisa Sornchangwat of Nagashima Ohno & Tsunematsu write: 1. Background On 1 August 2025, Thailand’s Personal Data Protection Committee (“PDPC”) announced the issuance of 8 fines totaling THB 14.5 million (approximately USD 448,000), which were levied against one government agency and other private entities for non-compliance with the Personal Data Protection Act of 2019 (“PDPA”)……

Read More Huge Fines Imposed by Thailand’s PDPC: A Major Alert on Data Privacy Violations (Thailand)
News

DHS Disbands Cyber Safety Review Board, Ending One of CISA’s Few Bright Spots
Bys s January 22, 2025

The Trump administration has disbanded the Cyber Safety Review Board (CSRB), ending one of the few bright spots at CISA. The post DHS Disbands Cyber Safety Review Board, Ending One of CISA’s Few Bright Spots appeared first on SecurityWeek.

Read More DHS Disbands Cyber Safety Review Board, Ending One of CISA’s Few Bright Spots
News

Air Force Employee Pleads Guilty to Conspiracy to Disclose Unlawfully Classified National Defense Information
Bys s July 10, 2025

A civilian employee of the U.S. Air Force assigned to the U.S. Strategic Command (USSTRATCOM) at Offutt Air Force Base pleaded guilty today to conspiring to transmit classified information relating to the national defense (National Defense Information) on a foreign online dating platform beginning in or around February 2022 until in or around April 2022. “The…

Read More Air Force Employee Pleads Guilty to Conspiracy to Disclose Unlawfully Classified National Defense Information
News

Critical Dahua Camera Flaws Enable Remote Hijack via ONVIF and File Upload Exploits
Bys s July 30, 2025

Cybersecurity researchers have disclosed now-patched critical security flaws in the firmware of Dahua smart cameras that, if left unaddressed, could allow attackers to hijack control of susceptible devices. “The flaws, affecting the device’s ONVIF protocol and file upload handlers, allow unauthenticated attackers to execute arbitrary commands remotely, effectively taking over the device,”

Read More Critical Dahua Camera Flaws Enable Remote Hijack via ONVIF and File Upload Exploits
News

FreePBX Patches Critical SQLi, File-Upload, and AUTHTYPE Bypass Flaws Enabling RCE
Bys s December 15, 2025

Multiple security vulnerabilities have been disclosed in the open-source private branch exchange (PBX) platform FreePBX, including a critical flaw that could result in an authentication bypass under certain configurations. The shortcomings, discovered by Horizon3.ai and reported to the project maintainers on September 15, 2025, are listed below – CVE-2025-61675 (CVSS score: 8.6) – Numerous

Read More FreePBX Patches Critical SQLi, File-Upload, and AUTHTYPE Bypass Flaws Enabling RCE

Similar Posts