Sophos Firewall v21.5: Entra ID SSO for Sophos Connect

Blog

Byadmblake May 1, 2025

How to make the most of the new features in Sophos Firewall v21.5.

Blog

Adobe Commerce Flaw CVE-2025-54236 Lets Hackers Take Over Customer Accounts

Adobe has warned of a critical security flaw in its Commerce and Magento Open Source platforms that, if successfully exploited, could allow attackers to take control of customer accounts. The vulnerability, tracked as CVE-2025-54236 (aka SessionReaper), carries a CVSS score of 9.1 out of a maximum of 10.0. It has been described as an improper…

Read More Adobe Commerce Flaw CVE-2025-54236 Lets Hackers Take Over Customer Accounts
Blog

Memento Spyware Tied to Chrome Zero-Day Attacks

While investigating the cyberattacks, researchers uncovered a new spyware product from Memento Labs, the successor to the infamous Hacking Team.

Read More Memento Spyware Tied to Chrome Zero-Day Attacks
Blog

Claude AI Exploited to Operate 100+ Fake Political Personas in Global Influence Campaign

Artificial intelligence (AI) company Anthropic has revealed that unknown threat actors leveraged its Claude chatbot for an “influence-as-a-service” operation to engage with authentic accounts across Facebook and X. The sophisticated activity, branded as financially-motivated, is said to have used its AI tool to orchestrate 100 distinct persons on the two social media platforms, creating a

Read More Claude AI Exploited to Operate 100+ Fake Political Personas in Global Influence Campaign
Blog

Mitel MiCollab Unauthorized Access

What is the attack?Security flaws in Mitel MiCollab, CVE-2024–35286 and CVE-2024–41713, have been found, putting many organizations at risk. These vulnerabilities allow attackers bypass authentication and access files on affected servers, revealing sensitive information that could expose organizations to serious security risks. Mitel MiCollab is a popular solution that combines voice calling, video calling, chat,…

Read More Mitel MiCollab Unauthorized Access
Blog

Majority of Browser Extensions Can Access Sensitive Enterprise Data, New Report Finds

Everybody knows browser extensions are embedded into nearly every user’s daily workflow, from spell checkers to GenAI tools. What most IT and security people don’t know is that browser extensions’ excessive permissions are a growing risk to organizations. LayerX today announced the release of the Enterprise Browser Extension Security Report 2025, This report is the…

Read More Majority of Browser Extensions Can Access Sensitive Enterprise Data, New Report Finds
Blog

Volkswagen Breach Exposes Data of 800K EV Customers

Ethical hacking group Chaos Computer Club uncovered exposed data of electrical vehicle owners across the company’s VW, Audi, Seat, and Skoda brands.

Read More Volkswagen Breach Exposes Data of 800K EV Customers

Related