Palo Alto Networks has revealed that it’s observing brute-force login attempts against PAN-OS GlobalProtect gateways, days after threat actors warned of a surge in suspicious login scanning activity targeting its appliances. “Our teams are observing evidence of activity consistent with password-related attacks, such as brute-force login attempts, which does not indicate exploitation of a
Cybersecurity researchers have found that threat actors are setting up deceptive websites hosted on newly registered domains to deliver a known Android malware called SpyNote. These bogus websites masquerade as Google Play Store install pages for apps like the Chrome web browser, indicating an attempt to deceive unsuspecting users into installing the malware instead. “The…
What is the Vulnerability?A zero-day vulnerability has recently been identified in the Common Log File System (CLFS) kernel driver. CLFS is a general-purpose logging subsystem within the Windows operating system that provides a high-performance way to store log data for various applications. If successfully exploited, an attacker operating under a standard user account can elevate…
A newly disclosed high-severity security flaw impacting OttoKit (formerly SureTriggers) has come under active exploitation within a few hours of public disclosure. The vulnerability, tracked as CVE-2025-3102 (CVSS score: 8.1), is an authorization bypass bug that could permit an attacker to create administrator accounts under certain conditions and take control of susceptible websites. “The
Gladinet’s platform is widely used among managed service providers, and a critical deserialization flaw could put MSP customers in jeopardy.
Managing permissions and authorizations across dozens or hundreds of cloud services and platforms poses significant headaches for companies. An open specification aims to change that.
An executive order is targeting former Trump appointees, including former CISA director Chris Krebs and his current coworkers, in the latest in a series of directives against those who dissented against the president and his associates.
Security experts weigh in on the problem Salt Typhoon and its hacking of telecoms poses against the United States, including what the US should do and how defenders can protect themselves.