Cyber Security Redefined

Automation is redefining pentesting (and yes, it’s about time) While penetration testing remains essential, the delivery of results hasn’t kept pace. Many teams still receive long, static PDFs and then manually copy findings into tools like Jira or ServiceNow—adding delays and eroding value. It promotes automated pentest delivery: streaming findings in real time into the […]

Citrix rushes fixes for three NetScaler bugs — one’s already being exploited Citrix has released patches for three security flaws in NetScaler ADC and NetScaler Gateway. One of them—CVE-2025-7775 (CVSS 9.2)—is already being actively exploited. The others are CVE-2025-7776 (CVSS 8.8) and CVE-2025-8424 (CVSS 8.7). • 7775/7776 are memory overflow bugs that can lead to […]

Salt Typhoon: edge devices in the firing line “Salt Typhoon,” a China-linked APT, has been exploiting vulnerabilities in edge network devices (notably from Cisco, Ivanti and Palo Alto Networks) to break into organisations worldwide—around 600 victims across 80 countries, including the UK. Initial access involves known CVEs (e.g., Cisco IOS XE and Smart Install flaws, […]

Google: Salesloft Drift breach bigger than expected Google and Mandiant warned that the recent Salesloft Drift OAuth breach is broader than first thought, affecting all Drift integrations, not just Salesforce. Attackers stole OAuth tokens and, in some cases, accessed Salesforce data and even a small number of Google Workspace mailboxes tied specifically to Drift’s email […]

Attackers turn Velociraptor into a C2 taxi • What happened: Researchers spotted attackers installing the open-source forensic tool Velociraptor and then using it to fetch and run Visual Studio Code in “tunnel” mode—turning a developer editor into a handy route back to an attacker-controlled C2 server. • How they got in: Windows msiexec pulled an […]

Browsers: your biggest risk you’re staring at all day This piece argues the humble web browser has become a prime battleground: the author claims over 80% of security incidents now start in browser-based apps and spotlights Scattered Spider (aka UNC3944 / Octo Tempest / Muddled Libra) for targeting identities and data inside Chrome, Edge, Firefox […]

Cisco’s Fire-fighting Console Has a Howler: Patch Your FMC, Pronto Cisco has patched a critical (CVSS 10.0) flaw in Secure Firewall Management Center (FMC) that sits in its RADIUS authentication code. An unauthenticated attacker can inject commands during login and achieve remote code execution—but only if RADIUS is enabled for the FMC web UI or […]

FortiSIEM’s critical wobble: patch first, tea later Fortinet has disclosed a critical pre-auth command-injection flaw in FortiSIEM—CVE-2025-25256 (CVSS 9.8)—and says exploit code exists in the wild. The bug sits in the phMonitor process (port 7900), where inadequate input sanitisation can let an unauthenticated attacker run OS commands. Fortinet lists affected branches and fixed versions, notes […]

WinRAR Zero-Day: Why Opening That “CV” Could Autostart Malware The Hacker News reports that WinRAR for Windows has patched an actively exploited zero-day (CVE-2025-8088, CVSS 8.8). The bug is a path-traversal flaw: booby-trapped RAR archives can force files to extract outside the chosen folder—into sensitive spots like Startup—to run code on next log-in. ESET linked […]

Citrix NetScaler under fire: Dutch NCSC confirms live exploits of CVE-2025-6543 The Dutch National Cyber Security Centre (NCSC-NL) says a critical Citrix NetScaler flaw, CVE-2025-6543 (CVSS 9.2), is being actively exploited against organisations in the Netherlands, including critical sectors. The bug affects NetScaler ADC/Gateway when configured as a Gateway or AAA virtual server. Evidence shows […]

Microsoft’s August Patch Tuesday: Kerberos Drama and 110 Close Friends Microsoft’s August 2025 Patch Tuesday fixes 111 vulnerabilities across Windows and wider Microsoft products. One flaw, CVE-2025-53779 in Windows Kerberos, was publicly disclosed and could help an attacker with certain delegated-account permissions pivot to full Active Directory compromise. In total there are 16 Critical, 92 […]

ReVault: When Your “Security Chip” Needs a Security Chip of Its Own Security researchers (Cisco Talos) disclosed “ReVault”—a set of five flaws in Dell ControlVault3 (a Broadcom-based security chip and its Windows APIs) used in 100+ laptop models. Chained together, the bugs could let attackers bypass Windows login, extract keys and persist in firmware even […]

The Wild West of Shadow IT: Why Your Staff Are Installing Trouble at the Click of a Button The CyberWhite article The Wild West of Shadow IT warns that employees now adopt SaaS and AI tools faster than security teams can vet them, creating a sprawl of unapproved apps, OAuth tokens and embedded AI that […]

How to Stop a Sneaky Man-in-the-Middle The CyberWhite guide explains how man-in-the-middle (MITM) attacks let crooks slip between users and online services to pinch log-ins, card details and other goodies. It recaps headline-grabbing examples (Equifax, Lenovo Superfish, DigiNotar) and outlines favourite tactics: rogue public-Wi-Fi, mDNS/DNS spoofing, ARP games and look-alike access points. Defence boils down […]

Dahua Cameras Get the Starring Role in Their Own Horror Film Security researchers at Bitdefender uncovered two critical buffer-overflow bugs (CVE-2025-31700, CVE-2025-31701, CVSS 8.1) in Dahua smart-camera firmware built before 16 April 2025. One flaw sits in the ONVIF request handler, the other in the RPC file-upload routine. An unauthenticated attacker can sling a specially […]

SonicWall’s VPNs May Have a Nasty Zero-Day – Akira Ransomware Gate-crashes the Party SonicWall is probing a potential zero-day flaw in its Gen 7 SSL VPN firewalls after security firms Arctic Wolf and Huntress logged more than 20 Akira-ransomware break-ins since late July 2025. Victims were fully patched and even with MFA attackers still slipped […]

“ClickFix” malvertising: crooks rent Google Ads so you’ll download their dodgy installers Researchers have spotted a sprawling malvertising operation nick-named “ClickFix” that hijacks Google Ads to lure users searching for popular software (Chrome, WhatsApp, Adobe Reader) onto copy-cat sites. The bogus pages serve malicious MSI installers laced with OxtaRAT remote-access malware. Once executed, the payload […]

Fake OAuth apps: the latest con trick against Microsoft 365 users Threat actors are using fake Microsoft 365 OAuth apps, spoofing brands like RingCentral, SharePoint and Adobe, to trick users into granting access to their accounts. The crooks combine the bogus apps with Tycoon Phishing-as-a-Service kits, redirecting victims through a CAPTCHA and then an adversary-in-the-middle […]

HPE’s Wi‑Fi Kit Gets a Nasty Surprise: Hard‑Coded Passwords Hewlett‑Packard Enterprise (HPE) has patched two nasty bugs in its Instant On wireless access‑points. The worst, CVE‑2025‑37103 (CVSS 9.8), comes from hard‑coded admin credentials that let anyone waltz straight past the login screen. A second flaw, CVE‑2025‑37102 (CVSS 7.2), allows command injection once you’re signed in. Chained together, the pair […]

Patch your SharePoint, or it’ll patch you Microsoft has rushed out emergency patches for CVE‑2025‑53770, a critical (CVSS 9.8) remote‑code‑execution flaw in on‑premises SharePoint Server. The bug, triggered by unsafe deserialisation in the machineAccountCheck function, is already being weaponised in the wild—at least 54 organisations have been hit, including banks, universities and government bodies. A related spoofing […]