Zeljka Zorz
Attackers actively exploiting Atlassian Confluence and Oracle WebLogic flaws
Attackers are actively exploiting recently fixed vulnerabilities in Oracle WebLogic and the Widget Connector macro in Atlassian Confluence to deliver ransomware, mine …
Microsoft 365 updates for better enterprise data privacy
Microsoft has announced new privacy controls for Microsoft 365 enterprise customers: they will be able to revoke access to encrypted emails, block sensitive information from …
Which cyber threats should financial institutions be on the lookout for?
Banks and financial services organizations were the targets of 25.7 percent of all malware attacks last year, more than any other industry, IntSigths revealed in their latest …
Making the most of threat intelligence with threat intelligence gateways
Even though many security professionals are still dissatisfied with threat intelligence accuracy and quality, its use as a resource for network defense is growing. According …
Attackers breached Docker Hub, grabbed keys and tokens
Docker, the company behing the popular virtualization tool bearing the same name, has announced late on Friday that it has suffered a security breach. There was no official …
Slack warns investors it might be targeted by organized crime, nation-state hackers
Slack Technologies, the company whose cloud-based collaboration tools and services are used by companies worldwide, has warned potential investors that the company faces …
Researchers flag new Oracle WebLogic zero-day RCE flaw
Attackers looking to compromise Oracle WebLogic servers for their own needs have a new zero-day RCE flaw at their disposal. “Oracle WebLogic wls9_async and wls-wsat …
Another European manufacturer crippled by ransomware
Aebi Schmidt, a Switzerland-based manufacturer and provider of municipal and agriculture machinery, has apparently been hit by ransomware. What happened? “Due to an IT …
Qualcomm chips leak crypto data from secure execution environment
A vulnerability in Qualcomm chips could be exploited by attackers to retrieve encryption keys and sensitive information from the chipsets’ secure execution environment, …
The latest DDoS attacks are mostly multi-vector and morph over time
DDoS attacks continue to be an effective means to distract and confuse security teams while inflicting serious damage to brands, according to Neustar. Also, when comparing Q1 …
Which employees receive the most highly targeted email-borne threats?
Workers in R&D/Engineering are the most heavily targeted group of employees within organizations, a new Proofpoint report says, and lower-level employees are at a higher …
Latest numbers show why BEC/EAC scams are here to stay
Extortion has become the second most often reported type of cybercrime, but BEC/EAC scams still reign supreme when it comes to monetary loss (or criminals’ earnings), …
Featured news
Resources
Don't miss
- Google open-sources privacy tech for age verification
- You can’t trust AI chatbots not to serve you phishing pages, malicious downloads, or bad code
- Cisco fixes maximum-severity flaw in enterprise unified comms platform (CVE-2025-20309)
- GitPhish: Open-source GitHub device code flow security assessment tool
- Healthcare CISOs must secure more than what’s regulated