Are you sure you want to leave? You’re just one step away from your free network consultation (valued at $495).
Blog
Amazon Disrupts APT29 Watering Hole Campaign Abusing Microsoft Device Code Authentication
Amazon on Friday said it flagged and disrupted what it described as an opportunistic watering hole campaign orchestrated by the Russia-linked APT29 actors as part of their intelligence gathering efforts. The campaign used "compromised websites to redirect visitors to...
Can Your Security Stack See ChatGPT? Why Network Visibility Matters
Generative AI platforms like ChatGPT, Gemini, Copilot, and Claude are increasingly common in organizations. While these solutions improve efficiency across tasks, they also present new data leak prevention for generative AI challenges. Sensitive information may be...
Click Studios Patches Passwordstate Authentication Bypass Vulnerability in Emergency Access Page
Click Studios, the developer of enterprise-focused password management solution Passwordstate, said it has released security updates to address an authentication bypass vulnerability in its software. The issue, which is yet to be assigned a CVE identifier, has been...
FreePBX Servers Targeted by Zero-Day Flaw, Emergency Patch Now Available
The Sangoma FreePBX Security Team has issued an advisory warning about an actively exploited FreePBX zero-day vulnerability that impacts systems with an administrator control panel (ACP) exposed to the public internet. FreePBX is an open-source private branch exchange...
Feds Seize $6.4M VerifTools Fake-ID Marketplace, but Operators Relaunch on New Domain
Authorities from the Netherlands and the United States have announced the dismantling of an illicit marketplace called VerifTools that peddled fraudulent identity documents to cybercriminals across the world. To that end, two marketplace domains (verif[.]tools and...
Google Warns Salesloft OAuth Breach Extends Beyond Salesforce, Impacting All Integrations
Google has revealed that the recent wave of attacks targeting Salesforce instances via Salesloft Drift is much broader in scope than previously thought, stating it impacts all integrations. "We now advise all Salesloft Drift customers to treat any and all...
TamperedChef Malware Disguised as Fake PDF Editors Steals Credentials and Cookies
Cybersecurity researchers have discovered a cybercrime campaign that's using malvertising tricks to direct victims to fraudulent sites to deliver a new information stealer called TamperedChef. "The objective is to lure victims into downloading and installing a...
Researchers Find VS Code Flaw Allowing Attackers to Republish Deleted Extensions Under Same Names
Cybersecurity researchers have discovered a loophole in the Visual Studio Code Marketplace that allows threat actors to reuse names of previously removed extensions. Software supply chain security outfit ReversingLabs said it made the discovery after it identified a...
Salt Typhoon Exploits Cisco, Ivanti, Palo Alto Flaws to Breach 600 Organizations Worldwide
The China-linked advanced persistent threat (APT) actor known as Salt Typhoon has continued its attacks targeting networks across the world, including organizations in the telecommunications, government, transportation, lodging, and military infrastructure sectors....
Webinar: Why Top Teams Are Prioritizing Code-to-Cloud Mapping in Our 2025 AppSec
Picture this: Your team rolls out some new code, thinking everything's fine. But hidden in there is a tiny flaw that explodes into a huge problem once it hits the cloud. Next thing you know, hackers are in, and your company is dealing with a mess that costs millions....
FREE GUIDE
The Ultimate Guide To IT Support Services And Fees
What You Should Expect To Pay For IT Support For Your Small Business (And How To Get Exactly What You Need Without Unnecessary Extras, Hidden Fees And Excessive Contracts)
