Trusted Cyber Security Experts
25+ Years Industry Experience
Ethical, Professional & Pragmatic
Adobe ColdFusion Attack Chain Actively Exploited
Adobe ColdFusion vulnerabilities are being actively exploited by attackers to bypass authentication and execute remote commands to create a webshell on the vulnerable endpoint. ColdFusion is an Adobe product for
Mastodon Patch High and Critical Vulnerabilities
Open-source social network Mastodon has needed to address one high severity and two critical severity vulnerabilities affecting their platform and servers, as well as one moderate severity flaw. Security advisories
Android July Update Patches Actively Exploited Flaws
The new Android security update for this month has fixed a total of 46 vulnerabilities, three of which are thought to be actively exploited in what Android describe as “limited,
Zero-Day Vulnerability Exploited in WordPress Plugin
A critical zero-day vulnerability has been exploited in the WordPress plugin Ultimate Member that allows attackers to escalate their privileges and gain full control over the website. Ultimate Member is
Exploit for Critical Auth Bypass Flaw in ArcServe UDP
A critical vulnerability has been discovered in ArcServe Unified Data Protection (UDP) versions 7.0 to 9.0 that can be exploited to bypass authentication on the system. ArcServe UDP is data
OpenSSH Cryptomining Attacks on Linux and IoTs
Internet-facing Linux-based systems and Internet of Things (IoT) devices are being targeted in a recent attack that uses a patched version of OpenSSH to take over the devices and install
Apple Fix Exploited Flaws Used to Deploy Spyware
Three actively exploited vulnerabilities have recently been patched by Apple, two of which have been used to deploy Triangulation spyware onto iOS devices. Russian security firm Kaspersky published a report
Grafana Fix Azure AD Authentication Bypass Flaw
Open-source data analytics and visualisations organisation Grafana have released a new security update for their app that patches a critical severity authorisation bypass flaw. This vulnerability affects Grafana accounts that
Critical Vulnerability Patched in Zyxel NAS Devices
Zyxel Network Attached Storage (NAS) devices have received a security update to patch a critical severity command injection vulnerability. Devices affected by this flaw include NAS326 models running firmware version
ASUS Patch Critical Flaws from 2022 and 2018
The new ASUS router firmware update contains security patches for nine vulnerabilities amongst other important security fixes. Six of these vulnerabilities are high severity flaws, while another two, from 2018
Critical Flaws Exploited in MOVEit Transfer Data Theft
MOVEit Transfer and MOVEit Cloud customers experienced data theft attacks through the exploit of critical vulnerabilities beginning at the end of last month. High profile organisations across the UK and
Critical RCE Fortinet Flaw May Have Been Exploited
A critical remote code execution vulnerability has been patched in the latest Fortigate firmware updates for Fortinet FortiOS, FortiOS-6K7K, and FortiProxy SSL VPN devices. These updates were pushed out last
Subscribe to our monthly newsletter today
If you’d like to stay up-to-date with the latest cyber security news and articles from our technical team, you can sign up to our monthly newsletter.
We hate spam as much as you do, so we promise not to bombard you with emails. We’ll send you a single, curated email each month that contains all of our cyber security news and articles for that month.