Tenable has launched version 10.8.5 of its Nessus Agent software to address three high-severity vulnerabilities that could allow non-administrative users to gain SYSTEM-level access on Windows hosts.
Website administrators must implement comprehensive security measures to safeguard against malware injections and other cyber threats that can compromise systems and steal sensitive information.
WestJet Airlines is investigating a significant cybersecurity breach that has affected its mobile application and internal systems, while ensuring that core flight operations remain secure.
A critical client-side open redirect vulnerability, known as “the Grafana Ghost” (CVE-2025-4123), threatens over 46,000 Grafana instances with account takeover risks, as more than one-third remain unpatched since its discovery in May 2025.
The Anubis ransomware-as-a-service operator combines file encryption with a destructive data-wiping feature, significantly increasing pressure on victims and complicating recovery efforts.
A recent wave of cyber-attacks utilizing the HijackLoader and DeerStealer malware has been identified, employing advanced phishing tactics to compromise victims and extract sensitive data.
Organizations are increasingly focusing on Identity & Access Management (IAM) to combat the rising threat of identity-based attacks, which exploit weak credentials and pose significant risks to data security.
The United Kingdom, led by the National Cyber Security Centre and the Department for Science, Innovation & Technology, is developing global standards to enhance the cybersecurity of AI systems, addressing both emerging and traditional threats.
Researchers from Aim Labs have discovered a zero-click vulnerability in Microsoft 365 Copilot, known as ‘EchoLeak,’ which allows attackers to exfiltrate sensitive corporate data through a single malicious email without user interaction.
A cybersecurity incident revealed that at least four European journalists, including Italian bureau chief Ciro Pellegrino, were infected with Graphite spyware through a sophisticated zero-click iMessage attack exploiting a critical iOS vulnerability.
