HeartCrypt’s wholesale impersonation effort

Blog

Byadmblake September 26, 2025

How the notorious Packer-as-a-Service operation built itself into a hydra

Blog

Apache Tomcat RCE

What is the Vulnerability?On March 10, 2025, Apache issued a security advisory regarding a critical vulnerability (CVE-2025-24813) affecting the Apache Tomcat web server. This flaw could allow attackers to view or inject arbitrary content into security-sensitive files and potentially achieve remote code execution.Exploit code for this vulnerability is publicly available, and no authentication is required…

Read More Apache Tomcat RCE
Blog

Dark Reading Opens The State of Application Security Survey

Take part in the new survey from Dark Reading and help uncover trends, challenges, and solutions shaping the future of application security.

Read More Dark Reading Opens The State of Application Security Survey
Blog

Proof-of-Concept Code Now Available for an Exploited Windows Local Privilege Escalation Vulnerability

FortiGuard Labs is aware that a Proof-of-Concept (POC) code for a newly patched Windows vulnerability (CVE-2022-21882) that is reported to have been exploited in the wild was released to a publicly available online repository. CVE-2022-21882 is a local privilege (LPE) escalation vulnerability which allows a local, authenticated attacker to gain elevated local system or administrator…

Read More Proof-of-Concept Code Now Available for an Exploited Windows Local Privilege Escalation Vulnerability
Blog

Switching to Offense: US Makes Cyber Strategy Changes

The US national cyber director describes the next cyber strategy as focusing “on shaping adversary behavior,” adding consequences and aggressive response.

Read More Switching to Offense: US Makes Cyber Strategy Changes
Blog

Are We Closing the Gender Gap in Cybersecurity?

Answer: Nope. But let’s look at the trends — because they matter for security.

Read More Are We Closing the Gender Gap in Cybersecurity?
Blog

CERT Polska Details Coordinated Cyber Attacks on 30+ Wind and Solar Farms

CERT Polska, the Polish computer emergency response team, revealed that coordinated cyber attacks targeted more than 30 wind and photovoltaic farms, a private company from the manufacturing sector, and a large combined heat and power plant (CHP) supplying heat to almost half a million customers in the country. The incident took place on December 29,…

Read More CERT Polska Details Coordinated Cyber Attacks on 30+ Wind and Solar Farms

Related