+44 (0)203 88 020 88

Menu

Search

News

F5 Discloses Nation-State Intrusion While Stating Operations Remain Unaffected

News /

F5 has disclosed that a nation-state threat actor gained unauthorised access to parts of its internal environment, prompting a coordinated incident response that the company says prevented impact to customer-facing systems and day-to-day operations. The disclosure, made public on Wednesday 15 October 2025, arrived alongside government warnings about potential follow-on risk to organisations that deploy […]

F5 Discloses Nation-State Intrusion While Stating Operations Remain Unaffected Read More »

OpenAI Disrupts State-Linked Misuse of ChatGPT for Cyberattacks

News /

OpenAI has revealed that it disrupted three coordinated operations by state-linked actors from Russia, North Korea and China who attempted to exploit ChatGPT to assist in developing malware, conducting phishing campaigns and supporting online influence activity. The announcement offers an unusually detailed look at how nation-state adversaries are beginning to incorporate large language models (LLMs)

OpenAI Disrupts State-Linked Misuse of ChatGPT for Cyberattacks Read More »

DeepSeek Data Leak: How a Simple Security Flaw Exposed Over a Million Records

News, Uncategorized /

In January 2025, the cybersecurity community was alerted to a significant data exposure involving DeepSeek, a prominent Chinese artificial intelligence (AI) startup. Researchers from Wiz, a cloud security firm, discovered that DeepSeek had inadvertently left a critical database accessible on the internet without any authentication measures. This lapse exposed over a million records, including system

DeepSeek Data Leak: How a Simple Security Flaw Exposed Over a Million Records Read More »

Latest Industrial Control System Advisories from CISA

Infrastructure, News, Vulnerabilities /

The Cybersecurity and Infrastructure Security Agency (CISA) released six advisories this month addressing vulnerabilities in Industrial Control Systems (ICS). These advisories highlight critical flaws that could be exploited to compromise critical infrastructure, disrupt operations, and potentially endanger public safety. Our research team have summarised each of the following vulnerabilities in the sections below, with mitigation

Latest Industrial Control System Advisories from CISA Read More »

Critical UEFI Secure Boot Vulnerability (CVE-2024-7344)

News, Vulnerabilities /

Recently, cybersecurity researchers uncovered a severe vulnerability within the Unified Extensible Firmware Interface (UEFI) Secure Boot system, tracked as CVE-2024-7344. This flaw allows attackers to bypass Secure Boot protections, enabling them to execute unauthorised code during the boot process. This type of vulnerability poses a significant threat, as it can lead to the deployment of

Critical UEFI Secure Boot Vulnerability (CVE-2024-7344) Read More »

How EagerBee is Redefining Cyber Espionage in the Middle East

News /

In early January 2025, cybersecurity researchers uncovered a sophisticated cyber espionage campaign targeting Internet Service Providers (ISPs) and government entities in the Middle East. At the centre of this campaign lies an advanced malware framework known as EagerBee, which has been significantly upgraded with new capabilities to facilitate stealthy and persistent access to compromised systems.

How EagerBee is Redefining Cyber Espionage in the Middle East Read More »

FunkSec: The Emergence of AI-Driven Ransomware Threats

News /

In late 2024, a new ransomware group known as FunkSec emerged, leveraging artificial intelligence (AI) to enhance their cybercriminal activities. By January 2025, they had targeted over 85 organisations worldwide, employing sophisticated tactics that blend AI capabilities with traditional ransomware methods. Understanding FunkSec’s Modus Operandi FunkSec employs a double extortion strategy, which involves both encrypting

FunkSec: The Emergence of AI-Driven Ransomware Threats Read More »

Palo Alto Networks PAN-OS RCE Vulnerability (CVE-2024-5910)

News, Vulnerabilities /

Palo Alto Networks has issued an urgent advisory to its customers, highlighting a potential remote code execution (RCE) vulnerability within the PAN-OS management interface. The cybersecurity firm advises organisations to secure access to this interface to mitigate potential risks. The advisory follows claims of a new RCE vulnerability targeting the PAN-OS management interface. While the

Palo Alto Networks PAN-OS RCE Vulnerability (CVE-2024-5910) Read More »

Critical VMware vCenter Server Vulnerability (CVE-2024-38812) Poses Serious Risk

News, Vulnerabilities /

The CVE-2024-38812 vulnerability is a critical flaw that exposes VMware vCenter Servers to serious security risks, including remote code execution and full system compromise. Organisations using VMware’s virtualisation tools must prioritise the patching of this vulnerability and implement strict security measures to prevent exploitation. Swift action is required to protect virtual infrastructure and mitigate the

Critical VMware vCenter Server Vulnerability (CVE-2024-38812) Poses Serious Risk Read More »

Critical Microsoft SharePoint Vulnerability (CVE-2024-38094) Creates Remote Code Execution Threat

News, Vulnerabilities /

The recently disclosed vulnerability, CVE-2024-38094, in Microsoft SharePoint presents a significant threat to organisations by allowing attackers to execute remote code on compromised servers. This flaw stems from improper input validation when processing ASPX files in SharePoint, and it requires minimal user interaction to exploit. Once exploited, the consequences can be severe, particularly for organisations

Critical Microsoft SharePoint Vulnerability (CVE-2024-38094) Creates Remote Code Execution Threat Read More »
0

No products in the basket.

No products in the basket.

Continue Shopping