Researchers who discovered two critical vulnerabilities in Microsoft SharePoint Server have released details of an exploit they developed that chains the two vulnerabilities together to enable remote code execution on affected servers.Separately, another...

An old Chinese state-linked threat actor has been quietly manipulating Cisco routers to breach multinational organizations in the US and Japan."BlackTech" (aka Palmerworm, Temp.Overboard, Circuit Panda, and Radio Panda) has been replacing device firmware with...

In a major update to its Windows 11 operating system this week, Microsoft has integrated Passkeys alongside Windows Hello, its biometric authentication tool.Passkeys creates a unique credential that allows users to authenticate with their face, fingerprint, or...

In cybersecurity, "threat data feeds" and "threat intelligence" are often used interchangeably. They are, however, quite different. To make matters worse, the term "threat intelligence" has been co-opted and watered down by vendors, making it even more...

Two new security flaws in the popular Simple Membership plugin for WordPress, affecting versions 4.3.4 and below, have been identified, leading to potential privilege escalation issues.  With over 50,000 active installations, the plugin developed by smp7 and...