SafeLine WAF: Open Source Web Application Firewall with Zero-Day Detection and Bot Protection

23/05/2025 0 Comments 0 tags

From zero-day exploits to large-scale bot attacks — the demand for a powerful, self-hosted, and user-friendly web application security solution has never been greater. SafeLine is currently the most starred

300 Servers and €3.5M Seized as Europol Strikes Ransomware Networks Worldwide

23/05/2025 0 Comments 0 tags

As part of the latest “season” of Operation Endgame, a coalition of law enforcement agencies have taken down about 300 servers worldwide, neutralized 650 domains, and issued arrest warrants against

GitLab Duo Vulnerability Enabled Attackers to Hijack AI Responses with Hidden Prompts

23/05/2025 0 Comments 0 tags

Cybersecurity researchers have discovered an indirect prompt injection flaw in GitLab’s artificial intelligence (AI) assistant Duo that could have allowed attackers to steal source code and inject untrusted HTML into

CISA Warns of Suspected Broader SaaS Attacks Exploiting App Secrets and Cloud Misconfigs

23/05/2025 0 Comments 0 tags

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Thursday revealed that Commvault is monitoring cyber threat activity targeting applications hosted in their Microsoft Azure cloud environment. “Threat actors may

U.S. Dismantles DanaBot Malware Network, Charges 16 in $50M Global Cybercrime Operation

23/05/2025 0 Comments 0 tags

The U.S. Department of Justice (DoJ) on Thursday announced the disruption of the online infrastructure associated with DanaBot (aka DanaTools) and unsealed charges against 16 individuals for their alleged involvement

Chinese Hackers Exploit Trimble Cityworks Flaw to Infiltrate U.S. Government Networks

22/05/2025 0 Comments 0 tags

A Chinese-speaking threat actor tracked as UAT-6382 has been linked to the exploitation of a now-patched remote-code-execution vulnerability in Trimble Cityworks to deliver Cobalt Strike and VShell. “UAT-6382 successfully exploited

Unpatched Versa Concerto Flaws Let Attackers Escape Docker and Compromise Host

22/05/2025 0 Comments 0 tags

Cybersecurity researchers have uncovered multiple critical security vulnerabilities impacting the Versa Concerto network security and SD-WAN orchestration platform that could be exploited to take control of susceptible instances. It’s worth

Webinar: Learn How to Build a Reasonable and Legally Defensible Cybersecurity Program

22/05/2025 0 Comments 0 tags

It’s not enough to be secure. In today’s legal climate, you need to prove it. Whether you’re protecting a small company or managing compliance across a global enterprise, one thing

Chinese Hackers Exploit Ivanti EPMM Bugs in Global Enterprise Network Attacks

22/05/2025 0 Comments 0 tags

A recently patched pair of security flaws affecting Ivanti Endpoint Manager Mobile (EPMM) software has been exploited by a China-nexus threat actor to target a wide range of sectors across

Critical Windows Server 2025 dMSA Vulnerability Enables Active Directory Compromise

22/05/2025 0 Comments 0 tags

A privilege escalation flaw has been demonstrated in Windows Server 2025 that makes it possible for attackers to compromise any user in Active Directory (AD). “The attack exploits the delegated