Topic: attack prevention

Sort by: Relevance | Date
  • Your Own Tools Are Being Weaponized: Here's How to Fight Back
    October 5, 2025
    90%

    Your Own Tools Are Being Weaponized: Here's How to Fight Back

    SMEs often neglect cybersecurity, creating vulnerabilities as new threats specifically target the everyday tools businesses rely on, bypassing traditional security measures. A major emerging threat is "living-off-the-land" (LOTL) attacks, where hackers misuse trusted system utilities like PowerSh...

    Read More »
  • Chrome Will Alert You Before Loading Unsafe Websites
    October 30, 2025
    82%

    Chrome Will Alert You Before Loading Unsafe Websites

    Starting in October 2026, Google Chrome will automatically enable "Always Use Secure Connections" for all users, displaying bypassable warnings for unencrypted public websites to enhance security. The rollout will occur in phases, beginning with Enhanced Safe Browsing users in April 2026 and expa...

    Read More »
  • Active Attack Exploits Critical Adobe Commerce, Magento Flaw
    October 24, 2025
    82%

    Active Attack Exploits Critical Adobe Commerce, Magento Flaw

    Security researchers have identified active exploitation of a critical Adobe Commerce and Magento vulnerability (CVE-2025-54236, SessionReaper), which allows attackers to hijack customer accounts and potentially execute remote code, with over 250 attack attempts blocked in a single day. The vulne...

    Read More »
  • Don't Paste That TikTok Code! The Dangerous Scam Explained
    October 23, 2025
    78%

    Don't Paste That TikTok Code! The Dangerous Scam Explained

    A dangerous scam on TikTok, known as ClickFix, tricks users into installing information-stealing malware by posing as helpful tech support or free software guides, convincing them to run malicious commands on their own computers. These fraudulent videos, which promote fake methods for accessing p...

    Read More »
  • Urgent: Active Attacks Target Unpatched Gladinet Flaw (CVE-2025-11371)
    October 18, 2025
    70%

    Urgent: Active Attacks Target Unpatched Gladinet Flaw (CVE-2025-11371)

    A critical unauthenticated Local File Inclusion vulnerability (CVE-2025-11371) is actively being exploited, allowing attackers to remotely access any file on systems using Gladinet's CentreStack and Triofox platforms without credentials. Security researchers at Huntress confirmed real-world attac...

    Read More »
  • Secure Your Microsoft Exchange Servers: CISA & NSA Guidance
    November 1, 2025
    68%

    Secure Your Microsoft Exchange Servers: CISA & NSA Guidance

    A joint advisory from cybersecurity agencies recommends a proactive, multi-layered security strategy for Microsoft Exchange servers, including decommissioning outdated on-premises systems after migrating to Microsoft 365 to prevent critical vulnerabilities. Key security measures include hardening...

    Read More »

Related Topics

remote code execution (65) vulnerability exploitation (42) security research (39) threat actors (37) cloud security (87) software updates (75) social engineering (73) cybersecurity threats (68)