enterprise
RCE flaw in MSP-friendly file sharing platform exploited by attackers (CVE-2025-30406)
A critical RCE vulnerability (CVE-2025-30406) affecting the Gladinet CentreStack file-sharing/remote access platform has been added to CISA’s Known Exploited …
Transforming cybersecurity into a strategic business enabler
In this Help Net Security interview, Kevin Serafin, CISO at Ecolab, discusses aligning security strategy with long-term business goals, building strong partnerships across the …
Google is making sending end-to-end encrypted emails easy
Sending end-to-end encrypted (E2EE) emails from Gmail enterprise accounts is about to become much easier than it is now, Google has announced on Tuesday. The company will …
Attackers are probing Palo Alto Networks GlobalProtect portals
Cybersecurity company GreyNoise is warning about a significant increase of scanning activity targeting internet-facing Palo Alto Networks GlobalProtect portals in the last 30 …
Windows 11 quick machine recovery: Restoring devices with boot issues
Microsoft has rolled out quick machine recovery, a new Windows feature aimed at preventing prolonged widespread outages like the one caused by a faulty CrowdStrike update in …
CrushFTP: Patch critical vulnerability ASAP! (CVE-2025-2825)
CrushFTP has fixed a critical vulnerability (CVE-2025-2825) in its enterprise file transfer solution that could be exploited by remote, unauthenticated attackers to access …
NAKIVO Backup & Replication vulnerability exploited by attackers (CVE-2024-48248)
A vulnerability (CVE-2024-48248) in NAKIVO Backup and Replication, a backup, ransomware protection and disaster recovery solution designed for organizations of all sizes and …
Critical Veeam Backup & Replication RCE vulnerability fixed, patch ASAP! (CVE-2025-23120)
Veeam has released fixes for a critical remote code execution vulnerability (CVE-2025-23120) affecting its enterprise Veeam Backup & Replication solution, and is urging …
2024 phishing trends tell us what to expect in 2025
Phishing has been the method most often employed by cybercriminals to achieve initial access to targeted organizations in 2024, according to risk advisory firm Kroll, which …
PoC exploit for Ivanti Endpoint Manager vulnerabilities released (CVE-2024-13159)
A proof-of-concept (PoC) exploit for four critical Ivanti Endpoint Manager vulnerabilities has been released by Horizon3.ai researchers. The vulnerabilities – …
Account takeover detection: There’s no single tell
Account takeover (ATO) is one of the most prevalent attack types; Proofpoint says that in 2024, 99% of the customer tenants the company monitors were hit with at least one …
Attackers are chaining flaws to breach Palo Alto Networks firewalls
Exploitation attempts targeting CVE-2025-0108, a recently disclosed authentication bypass vulnerability affecting the management web interface of Palo Alto Networks’ …
Featured news
Resources
Don't miss
- Hackers exploit old FortiGate vulnerabilities, use symlink trick to retain limited access to patched devices
- Why security culture is crypto’s strongest asset
- Why remote work is a security minefield (and what you can do about it)
- Trump orders revocation of security clearances for Chris Krebs, SentinelOne
- FortiSwitch vulnerability may give attackers control over vulnerable devices (CVE-2024-48887)