Chinese Threat Group ‘Jewelbug’ Quietly Infiltrated Russian IT Network for Months
A threat actor with ties to China has been attributed to a five-month-long intrusion targeting a Russian IT service provider,…
F5 Breach Exposes BIG-IP Source Code — Nation-State Hackers Behind Massive Intrusion
î ‚Oct 15, 2025î „Ravie LakshmananVulnerability / Threat Intelligence U.S. cybersecurity company F5 on Wednesday disclosed that unidentified threat actors broke into…
Over 100 VS Code Extensions Exposed Developers to Hidden Supply Chain Risks
New research has uncovered that publishers of over 100 Visual Studio Code (VS Code) extensions leaked access tokens that could…
How Attackers Bypass Synced Passkeys
î ‚Oct 15, 2025î „Ravie LakshmananData Protection / Browser Security TLDR Even if you take nothing else away from this piece, if…
Two New Windows Zero-Days Exploited in the Wild — One Affects Every Version Ever Shipped
Microsoft on Tuesday released fixes for a whopping 183 security flaws spanning its products, including three vulnerabilities that have come…
Hackers Target ICTBroadcast Servers via Cookie Exploit to Gain Remote Shell Access
î ‚Oct 15, 2025î „Ravie LakshmananVulnerability / Server Security Cybersecurity researchers have disclosed that a critical security flaw impacting ICTBroadcast, an autodialer…
Two CVSS 10.0 Bugs in Red Lion RTUs Could Hand Hackers Full Industrial Control
î ‚Oct 15, 2025î „Ravie LakshmananVulnerability / Critical Infrastructure Cybersecurity researchers have disclosed two critical security flaws impacting Red Lion Sixnet remote…
New SAP NetWeaver Bug Lets Attackers Take Over Servers Without Login
î ‚Oct 15, 2025î „Ravie Lakshmanan Enterprise Software / Vulnerability SAP has rolled out security fixes for 13 new security issues, including…
Chinese Hackers Exploit ArcGIS Server as Backdoor for Over a Year
î ‚Oct 14, 2025î „Ravie LakshmananCyber Espionage / Network Security Threat actors with ties to China have been attributed to a novel…
What AI Reveals About Web Applications— and Why It Matters
Before an attacker ever sends a payload, they’ve already done the work of understanding how your environment is built. They…