All topics
This week was a bit of a throwback to olden times, with the disclosure by Amazon threat intelligence of zero days in Cisco and Citrix products that were exploited by an unnamed APT, and Google using legal action to disrupt the Lighthouse phishing service operation. We dig into those two stories, plus we discuss the […]
The chain of discovery began with Amazon's security honeypot service, MadPot, which detected exploitation attempts for the Citrix Bleed Two vulnerability (CVE-2025-5777) before its public disclosure
The important-severity flaw (CVE-2025-62215) has been exploited, said Microsoft.
Microsoft issued fixes for several actively exploited vulnerabilities in its latest patch Tuesday release.
A Saturday advisory from Oracle's CISO warned of a vulnerability impacting some deployments of E-Business Suite (CVE-2025-61884).
This week brings some new insights into the origins and length of the Cl0p extortion attacks tied to the Oracle E-Business Suite vulnerability, big surges in scanning for Cisco ASA, Palo Alto, and Fortinet devices, and a huge upgrade to Apple bug bounty payouts.
