Browsing: Threats and Vulnerabilities

ShinyHunters targets Oracle PeopleSoft customers through critical zero-day

Kirsten DoyleJune 19, 20263 Mins Read

Oracle has issued a security alert to customers about a critical vulnerability affecting PeopleSoft environments after the notorious threat actor…

Zero Trust: Beyond the hype, toward reality

Mieng LimJune 9, 20267 Mins Read

Security is approaching Zero Trust all wrong. Vendors are promising too much and delivering too little. Marketing hype has overtaken…

Palo Alto warns of active exploitation of GlobalProtect authentication bypass flaw

Kirsten DoyleJune 2, 20263 Mins Read

Palo Alto Networks has alerted customers about the ongoing exploitation of the authentication bypass vulnerability in PAN-OS GlobalProtect. The vulnerability,…

CrowdStrike, Google, and Shadowserver Foundation disrupt Glassworm botnet

Kirsten DoyleJune 1, 20265 Mins Read

CrowdStrike has shared details of a coordinated operation used to disable the Glassworm botnet, which targets software developers and leverages…

Passwordless security and the new identity battleground

Kirsten DoyleMay 26, 202614 Mins Read

For years, passwords were the only thing that mattered for securing our online presence, but the discussion around authentication is…

Exploited Faster, Patched Slower: Verizon DBIR 2026 Shows Security Teams Losing Ground

Kirsten DoyleMay 20, 20265 Mins Read

The Verizon 2026 Data Breach Investigations Report (DBIR) reveals a threat environment moving much faster than many organizations can reasonably protect themselves against. Based…

How EM is boosting the career trajectory of VM analysts

Katrina ThompsonMay 19, 20266 Mins Read

As organizations shift from vulnerability management (VM) to exposure management (EM), the role of the VM analyst must evolve or…

Microsoft discloses Exchange zero-day with no patch yet available

Kirsten DoyleMay 18, 20263 Mins Read

Microsoft has disclosed a zero-day vulnerability that affects Exchange Server 2016, 2019, and Subscription Edition. This vulnerability would give bad actors an opportunity to…

Microsoft patches 138 vulnerabilities as AI-driven discovery accelerates

Kirsten DoyleMay 14, 20265 Mins Read

Microsoft is poised to set a new record for yearly patching by having released patches for over 130 vulnerabilities as part of its May…

Security’s Blind Spot: The Threats Hiding in “Low-Severity” Alerts

Mitchem BolesMay 6, 20265 Mins Read

Security operations centers (SOCs) operate under a difficult reality where there are far more security alerts than human analysts available…