Organizations Fix Less Than Half of All Exploitable Vulnerabilities, With Just 21% of GenAI App Flaws Resolved

Blog

Byadmblake April 18, 2025

Post Content

Blog

Nation-State Groups Abuse Microsoft Windows Shortcut Exploit

Trend Micro uncovered a method that nation-state threat actors are using to target victims via the Windows .Ink shortcut file extension.

Read More Nation-State Groups Abuse Microsoft Windows Shortcut Exploit
Blog

Facebook’s New AI Tool Asks to Upload Your Photos for Story Ideas, Sparking Privacy Concerns

Facebook, the social network platform owned by Meta, is asking for users to upload pictures from their phones to suggest collages, recaps, and other ideas using artificial intelligence (AI), including those that have not been directly uploaded to the service. According to TechCrunch, which first reported the feature, users are being served a new pop-up…

Read More Facebook’s New AI Tool Asks to Upload Your Photos for Story Ideas, Sparking Privacy Concerns
Blog

Mitel MiCollab Unauthorized Access

What is the attack?Security flaws in Mitel MiCollab, CVE-2024–35286 and CVE-2024–41713, have been found, putting many organizations at risk. These vulnerabilities allow attackers bypass authentication and access files on affected servers, revealing sensitive information that could expose organizations to serious security risks. Mitel MiCollab is a popular solution that combines voice calling, video calling, chat,…

Read More Mitel MiCollab Unauthorized Access
Blog

Ivanti EPMM Exploitation Tied to Previous Zero-Day Attacks

Wiz researchers found an opportunistic threat actor has been targeting vulnerable edge devices, including Ivanti VPNs and Palo Alto firewalls.

Read More Ivanti EPMM Exploitation Tied to Previous Zero-Day Attacks
Blog

Chaos Ransomware Rises as BlackSuit Gang Falls

Researchers detailed a newer double-extortion ransomware group made up of former members of BlackSuit, which was recently disrupted by international law enforcement.

Read More Chaos Ransomware Rises as BlackSuit Gang Falls
Blog

Microsoft SharePoint Zero-day Attack

FortiGuard Labs has detected and successfully blocked hundreds of exploitation attempts targeting a newly discovered zero-day vulnerability chain in on-premises Microsoft SharePoint servers. This active campaign is being exploited by multiple threat actors and poses a significant risk to a wide range of sectors including government, education, healthcare, and large enterprises.

Read More Microsoft SharePoint Zero-day Attack

Related