Introducing Sophos Advisory Services
See how your networks, systems, and employees stand up to simulated attacks before an adversary strikes.
Similar Posts
Google Fixes Actively Exploited Android System Flaw in May 2025 Security Update
Bys sGoogle has released its monthly security updates for Android with fixes for 46 security flaws, including one vulnerability that it said has been exploited in the wild. The vulnerability in question is CVE-2025-27363 (CVSS score: 8.1), a high-severity flaw in the System component that could lead to local code execution without requiring any additional execution…
Gov’t orders SKT to notify individual users whose data may have been breached
Bys sKorea JoongAng Daily reports: As customer complaints mount following a major hacking incident at SK Telecom, the government on Friday ordered the telecom giant to notify all users whose personal data may have been exposed and to provide immediate protection for vulnerable groups. The Personal Information Protection Commission (PIPC) convened an emergency meeting at 8…
Over 400 IPs Exploiting Multiple SSRF Vulnerabilities in Coordinated Cyber Attack
Bys sThreat intelligence firm GreyNoise is warning of a “coordinated surge” in the exploitation of Server-Side Request Forgery (SSRF) vulnerabilities spanning multiple platforms. “At least 400 IPs have been seen actively exploiting multiple SSRF CVEs simultaneously, with notable overlap between attack attempts,” the company said, adding it observed the activity on March 9, 2025. The countries…
Legal Silence and Chilling Effects: Injunctions Against the Press in Cybersecurity
Bys sOver on SuspectFile, Marco A. De Felice (@amvinfe) considers the troubling use of injunctions, SLAPP suits, and superinjunctions that prohibit the press from performing its duty to inform the public on matters of importance. The topic was back in the news this week after a superinjunction obtained by the U.K. Ministry of Defence to block…
Is your SIEM still serving You? Why it might be time to rethink your security stack
Bys sSecurity teams are under increasing pressure to detect and respond to threats in real time, especially as the median dwell time for ransomware attacks has dropped from weeks to a few days. Yet many organizations still rely on legacy Security Information and Event Management (SIEM) and Security Orchestration, Automation, and Response (SOAR) tools. These tools…
Researchers Find Serious AI Bugs Exposing Meta, Nvidia, and Microsoft Inference Frameworks
Bys sCybersecurity researchers have uncovered critical remote code execution vulnerabilities impacting major artificial intelligence (AI) inference engines, including those from Meta, Nvidia, Microsoft, and open-source PyTorch projects such as vLLM and SGLang. “These vulnerabilities all traced back to the same root cause: the overlooked unsafe use of ZeroMQ (ZMQ) and Python’s pickle deserialization,”