Traditional Data Loss Prevention Solutions Are Not Working for Most Organizations

Blog

Byadmblake March 28, 2025

Post Content

Blog

Ivanti Connect Secure Zero-Day Vulnerability

What are the Vulnerabilities?Ivanti disclosed two vulnerabilities, CVE-2025-0282 and CVE-2025-0283, impacting Ivanti Connect Secure (“ICS”) VPN appliances. CVE-2025-0282 is an unauthenticated stack-based buffer overflow affecting Ivanti Connect Secure, Policy Secure, and ZTA Gateways. Successful exploitation could result in unauthenticated remote code execution and CVE-2025-0283 is a stack-based buffer overflow in Ivanti Connect Secure before version…

Read More Ivanti Connect Secure Zero-Day Vulnerability
Blog

SmarterMail Auth Bypass Exploited in the Wild Two Days After Patch Release

A new security flaw in SmarterTools SmarterMail email software has come under active exploitation in the wild, two days after the release of a patch. The vulnerability, which currently does not have a CVE identifier, is tracked by watchTowr Labs as WT-2026-0001. It was patched by SmarterTools on January 15, 2026, with Build 9511, following…

Read More SmarterMail Auth Bypass Exploited in the Wild Two Days After Patch Release
Blog

CISA Adds Actively Exploited VMware Aria Operations Flaw CVE-2026-22719 to KEV Catalog

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Tuesday added a recently disclosed security flaw impacting Broadcom VMware Aria Operations to its Known Exploited Vulnerabilities (KEV) catalog, citing active exploitation in the wild. The high-severity vulnerability, CVE-2026-22719 (CVSS score: 8.1), has been described as a case of command injection that could allow an

Read More CISA Adds Actively Exploited VMware Aria Operations Flaw CVE-2026-22719 to KEV Catalog
Blog

AI App Spending Report: Where Are the Security Tools?

An analysis of startup firm’s spending on AI applications finds the top categories to be productivity and content-generation. Security? Not so much.

Read More AI App Spending Report: Where Are the Security Tools?
Blog

WhatsApp Bug Anchors Targeted Zero-Click iPhone Attacks

A “sophisticated” attack that also exploits an Apple zero-day flaw is targeting a specific group of iPhone users, potentially with spyware.

Read More WhatsApp Bug Anchors Targeted Zero-Click iPhone Attacks
Blog

Researchers Uncover BankBot-YNRK and DeliveryRAT Android Trojans Stealing Financial Data

Cybersecurity researchers have shed light on two different Android trojans called BankBot-YNRK and DeliveryRAT that are capable of harvesting sensitive data from compromised devices. According to CYFIRMA, which analyzed three different samples of BankBot-YNRK, the malware incorporates features to sidestep analysis efforts by first checking its running within a virtualized or emulated environment

Read More Researchers Uncover BankBot-YNRK and DeliveryRAT Android Trojans Stealing Financial Data

Related