Cybersecurity
-
Recent SAP S/4HANA Vulnerability Exploited in Attacks
Source: SecurityWeekRead more: Recent SAP S/4HANA Vulnerability Exploited in AttacksA critical code injection vulnerability in SAP S/4HANA, identified as CVE-2025-42957, has been actively exploited in the wild, enabling attackers…
-
Phishing Empire Runs Undetected on Google, Cloudflare
Source: Dark ReadingRead more: Phishing Empire Runs Undetected on Google, CloudflareA global phishing-as-a-service operation has been operating undetected on major public cloud platforms like Google and Cloudflare for over three…
-
AI can help track an ever-growing body of vulnerabilities, CISA official says
Source: CyberScoopRead more: AI can help track an ever-growing body of vulnerabilities, CISA official saysCISA officials highlight the potential of artificial intelligence to manage and automate tracking of the rapidly growing number of software…
-
Sitecore zero-day vulnerability springs up from exposed machine key
Source: CyberScoopRead more: Sitecore zero-day vulnerability springs up from exposed machine keyA zero-day vulnerability (CVE-2025-53690) in Sitecore was exploited due to customers using exposed ASP.NET machine keys from the vendor’s documentation,…
-
Blast Radius of Salesloft Drift Attacks Remains Uncertain
Source: Dark ReadingRead more: Blast Radius of Salesloft Drift Attacks Remains UncertainA recent supply-chain attack targeting Salesloft Drift has led to data breaches among several high-profile customers. The full extent and…
-
Generative AI as a Cybercrime Assistant
Source: Schneier on SecurityRead more: Generative AI as a Cybercrime AssistantAnthropic reported disrupting a cybercriminal using Claude AI to conduct large-scale data theft and extortion across multiple sectors. The AI…
-
Kako KPI Metrike Mijenjaju Pravila Igre u Patch Managementu: Putokaz ka Cyber Otpornosti u 2025.
Read more: Kako KPI Metrike Mijenjaju Pravila Igre u Patch Managementu: Putokaz ka Cyber Otpornosti u 2025.This article highlights how ineffective patch management remains one of the biggest enablers of cyberattacks, with unpatched systems causing the…
-
Microsoft releases emergency updates to fix Windows recovery
Source: BleepingComputerRead more: Microsoft releases emergency updates to fix Windows recoveryMicrosoft has issued emergency out-of-band updates to address a critical issue affecting Windows reset and recovery functions caused by the…
-
Chrome High-Severity Vulnerability Let Attackers Execute Arbitrary Code
Source: Cyber Security NewsRead more: Chrome High-Severity Vulnerability Let Attackers Execute Arbitrary CodeGoogle has released an emergency security update for Chrome to fix a high-severity vulnerability (CVE-2025-9132) in the V8 JavaScript engine…
-
New Salty 2FA PhaaS platform Attacking Microsoft 365 Users to Steal Login Credentials
Source: Cyber Security NewsRead more: New Salty 2FA PhaaS platform Attacking Microsoft 365 Users to Steal Login CredentialsA new sophisticated Phishing-as-a-Service platform named Salty 2FA targets Microsoft 365 users in US and European industries by bypassing two-factor…