Trusted Cyber Security Experts
25+ Years Industry Experience
Ethical, Professional & Pragmatic
Latest Snapekit Rootkit Poses Threat to Arch Linux Users
A newly discovered rootkit known as “Snapekit” has emerged, posing a significant risk to users of Arch Linux systems, particularly those running the 6.10.2-arch1-1 kernel. According to reports from multiple
Cyber Essentials – What’s Changed in the Latest Willow Question Set?
Recently, IASME has introduced their latest Willow question set for the NCSC Cyber Essentials Self-Assessment Certification, which will replace the current (Montpelier) questions on the 28th April, 2025. The updates
NVIDIA Vulnerability CVE-2024-0132: A Deep Dive into the Threat and Mitigation
In September 2024, NVIDIA disclosed a critical security flaw, CVE-2024-0132, affecting its NVIDIA Container Toolkit. This vulnerability has sent shockwaves through the IT and cybersecurity communities due to its severity
Meta Fined €91 Million for Failing to Properly Protect User Passwords
Meta, the parent company of Facebook and Instagram, has been hit with a significant €91 million (£79 million) fine by Ireland’s Data Protection Commission (DPC) after an investigation revealed serious
WinRAR Remote Code Execution Flaw Patched
A high severity vulnerability has been found in RARLAB’s popular Windows file archiver WinRAR. Security researchers at the Zero Day Initiative who first identified this vulnerability in June have published
Stack-Based Buffer Overflows in Ivanti Avalanche
Multiple stack-based buffer overflows have been identified in Ivanti Avalanche, tracked as a single vulnerability with a critical severity rating and CVSS base score of 9.8/10. Ivanti Avalanche is an
Microsoft Teams Used in Social Engineering Attacks
Highly targeted phishing attacks have been carried out by the threat actor Midnight Blizzard, previously known as NOBELIUM, via Microsoft Teams. These attacks targeted a range of organisations including government
LinkedIn Accounts Hijacked By Cyber Criminals
LinkedIn accounts have been targeted by attackers in hacking events that have led to users being locked out of their own accounts by LinkedIn, and unable to recover them through
Malware Attacks Target Zyxel End-Of-Life Routers
A five-year-old vulnerability is currently being exploited in Zyxel P660HN-T1A routers to introduce a Gafgyt malware variant onto target networks. An outbreak alert has been issued by Fortinet to inform
Actively Exploited Office RCE Attack Chain Patched
A Defense-In-Depth Office update has been released by Microsoft as a part of the Patch Tuesday updates made available this week to fix an actively exploited remote code execution (RCE)
PaperCut Flaw Allows RCE on Windows Servers
A critical severity flaw in PaperCut NG and PaperCut MF print management applications that can allow unauthenticated attackers to perform remote code execution (RCE) on vulnerable Windows servers. Any use
Zimbra Collaboration Suite Patch Zero-Day Flaw
A zero-day cross-site scripting (XSS) flaw that has been exploited in the wild has now been patched for Zimbra Collaboration Suite in version 8.8.15 patch 41. Two other vulnerabilities have
Subscribe to our monthly newsletter today
If you’d like to stay up-to-date with the latest cyber security news and articles from our technical team, you can sign up to our monthly newsletter.
We hate spam as much as you do, so we promise not to bombard you with emails. We’ll send you a single, curated email each month that contains all of our cyber security news and articles for that month.