Karl Triebes Joins Ivanti as Chief Product Officer

Threat actors are actively exploiting a critical security flaw impacting the Service Finder WordPress theme that makes it possible to gain unauthorized access to any account, including administrators, and take control of susceptible sites. The authentication bypass vulnerability, tracked as CVE-2025-5947 (CVSS score: 9.8), affects the Service Finder Bookings, a WordPress plugin bundled with the

Companies critical to the aviation and aerospace supply chains didn’t patch a known CVE, providing opportunity for foreign espionage.

Until businesses begin to account for uncontrolled variables in their threat models, attackers will continue to exploit the weakest link in the chain.

A recently disclosed maximum-severity security flaw impacting the Wing FTP Server has come under active exploitation in the wild, according to Huntress. The vulnerability, tracked as CVE-2025-47812 (CVSS score: 10.0), is a case of improper handling of null (”) bytes in the server’s web interface, which allows for remote code execution. It has been addressed…

The Salt Typhoon attacks underscored the need for unity, innovation, and resilience in the face of an increasingly sophisticated cyber-threat landscape.

Threat actors have been observed using seemingly legitimate artificial intelligence (AI) tools and software to sneakily slip malware for future attacks on organizations worldwide. According to Trend Micro, the campaign is using productivity or AI-enhanced tools to deliver malware targeting various regions, including Europe, the Americas, and the Asia, Middle East, and Africa (AMEA) region.