What is SQL injection (SQLi), and how can it be prevented?
Know what SQL injection is, so your business can understand, prevent and defend against these common yet often overlooked security…
2 minutes
Exploits and vulnerabilities
8 zero-days in one Patch Tuesday? Welcome to 2025
The January 2025 Patch Tuesday consists of 159 Microsoft CVEs, including three that are actively exploited.
2 minutes
Cleo, the next MOVEit and GoAnywhere?
The CL0P ransomware gang has claimed responsibility for attacks exploiting a vulnerability in Cleo file sharing products.
3 minutes
Top 5 most dangerous software weaknesses in 2024
The more things change, the more they stay the same.
3 minutes
What is Cross-Site Request Forgery (CSRF)?
Cross-site request forgery, or CSRF, is a type of cybersecurity attack where a logged-in victim is tricked into an unwanted…
3 minutes
December patch Tuesday fixes one actively exploited zero-day vulnerability
Microsoft patched an actively exploited vulnerability in the CLFS component.
1 minute
What is Buffer Overflow?
A buffer overflow occurs when an area of memory within a software application reaches its address boundary and writes into…
3 minutes
Update now! November Patch Tuesday tackles 4 zero-days, two actively exploited
Microsoft’s November Patch Tuesday includes fixes for 89 vulnerabilities in total.
3 minutes
Patch now! Palo Alto Expedition vulnerabilities could leak firewall credentials
A set of vulnerabilities in Palo Alto Networks Expedition could allow an attacker to read database contents and arbitrary files
2 minutes
Update now! Five zero-days fixed October Patch Tuesday
Microsoft’s October Patch Tuesday covers five zero-days, two of which are being actively exploited.
2 minutes
Zimbra SMTP vulnerability is being exploited in numbers
The flaw can be exploited by sending an email with a specially crafted CC field.
1 minute
Ivanti patches admin bypass for Cloud Services Appliance
Ivanti has released a security advisory for a critical vulnerability in Ivanti CSA 4.6 which is being actively exploited.
2 minutes
Update now! Four zero-days fixed in September Patch Tuesday
Microsoft’s September Patch Tuesday covers 79 Microsoft CVEs and includes four actively exploited zero-days.
2 minutes
Update now! August Patch Tuesday covers several zero-days
Microsoft’s August Patch Tuesday covers 90 Microsoft CVEs and includes nine actively-exploited zero-days.
2 minutes
Patch now! Microsoft Office flaw could leak NTLM hashes
Microsoft is warning about a Microsoft Office vulnerability which an attacker could use to steal NTLM hashes.
3 minutes
Patch now! ServiceNow vulnerabilities under active exploitation
Up to 42,000 ServiceNow systems may be at risk of compromise.
1 minute
Get patching! Old vCenter vulnerability actively abused
CISA has added a two-year-old vulnerability in vCenter to its catalog of known exploited vulnerabilities
1 minute
22 minutes from PoC exploit to attacks—would you have patched in time?
The speed at which you need to apply patches is increasing. Are you prepared?
2 minutes
GeoServer vulnerability actively abused, CISA warns
CISA has added CVE-2024-36401 to its catalog of known exploited vulnerabilities.
2 minutes
Patch now! July Patch Tuesday fixes two actively exploited vulnerabilities
Microsoft's Patch Tuesday covers two actively exploited vulnerabilities, one Office Remote Code Execution (RCE) flaw, and many other CVEs
2 minutes
