The State of Ransomware in Manufacturing and Production 2025

The following are just a few of the pictures I took today at a “No Kings” protest held in Nassau County, New York. It was a peaceful protest. There was a larger-than-expected turnout, with minimal and respectful police presence. As I anticipated in my post explaining why I was going, there were a lot of……

Zoom and Xerox have addressed critical security flaws in Zoom Clients for Windows and FreeFlow Core that could allow privilege escalation and remote code execution.  The vulnerability impacting Zoom Clients for Windows, tracked as CVE-2025-49457 (CVSS score: 9.6), relates to a case of an untrusted search path that could pave the way for privilege escalation….

John Blacksmith reports: Verily, owned by Alphabet, is facing a lawsuit filed by an ex-employee who alleges the misuse of the personally identifiable health information of over 25,000 patients, and the failure of the company to submit HIPAA breach reports, as per the Health Insurance Portability and Accountability Act (HIPAA) requirement. Verily, previously known as……

Seventeen Critical-severity CVEs ready to deck your halls; also, new blog guidance for Windows Server admins

A new artificial intelligence (AI)-powered penetration testing tool linked to a China-based company has attracted nearly 11,000 downloads on the Python Package Index (PyPI) repository, raising concerns that it could be repurposed by cybercriminals for malicious purposes. Dubbed Villager, the framework is assessed to be the work of Cyberspike, which has positioned the tools as…

Amin Ayan reports: CoinMarketCap was hacked on Friday after a malicious popup appeared on its website, urging users to “verify” their wallets. The phishing-style notification asked users to connect their wallets and approve ERC-20 token access, raising immediate red flags across the crypto community. Wallet providers like MetaMask and Phantom quickly flagged the site as…