Browsing: Threat Intelligence

Critical Cisco Flaw Lets Attackers Gain Root Access to Unified CM

Kirsten DoyleJuly 4, 20255 Mins Read

Cisco has patched a critical flaw in its Unified Communications Manager (Unified CM) software that allowed unauthenticated remote attackers to…

Zero-Click AI Vulnerability “EchoLeak” Found in Microsoft 365 Copilot

Kirsten DoyleJune 12, 20255 Mins Read

Researchers at Aim Labs have uncovered a zero-click vulnerability in Microsoft 365 Copilot, dubbed “EchoLeak.” This flaw allows threat actors…

AppOmni Uncovers Five Zero-Days and 15 Critical Misconfigurations in Salesforce Industry Cloud

Kirsten DoyleJune 11, 20256 Mins Read

Security researchers at AppOmni have discovered five zero-day vulnerabilities and 15 severe but avoidable misconfiguration traps in Salesforce Industry Cloud.…

CVE-2025-20188: Maximum Severity Arbitrary File Upload Flaw Threatens Enterprise Wi-Fi Networks

Kirsten DoyleJune 3, 20254 Mins Read

Technical details for a critical Cisco IOS XE Wireless LAN Controller (WLC) vulnerability, tracked as CVE-2025-20188, have now been publicly…

OneDrive File Picker Flaw Exposes Millions to Unintended Data Access, Oasis Security Warns

Kirsten DoyleMay 29, 20257 Mins Read

A newly uncovered flaw in Microsoft’s OneDrive File Picker could be putting millions of users at risk of unintended data…

New NIST Metric Could Help Organizations Zero In on Exploited Vulnerabilities

Kirsten DoyleMay 27, 20255 Mins Read

Let’s face it: most companies are drowning in vulnerabilities and struggling to patch even a fraction of them. The question…

Improving Cyber and Mental Resilience with Threat Information Sharing

Chris JacobMay 21, 20254 Mins Read

In a world where data provides companies with a competitive advantage, sharing it amongst other businesses, especially in the same…

“Colossal Mistake” Allowed M&S Attackers to Remain Undetected for 52 Hours

Kirsten DoyleMay 20, 20253 Mins Read

The recent breach at Marks & Spencer (M&S) went undetected for up to 52 hours, a lapse insiders have called…

Critical Flaws in WordPress Theme Leave 82,000+ Sites Open to Full Takeover

Kirsten DoyleMay 15, 20255 Mins Read

Two serious security vulnerabilities have been discovered in TheGem, a premium WordPress theme used by more than 82,000 websites worldwide.…

ENISA Debuts Centralized Cybersecurity Vulnerability Database

Kirsten DoyleMay 14, 20256 Mins Read

The European Union Agency for Cybersecurity (ENISA) has officially launched the European Vulnerability Database (EUVD) to enhance cyber resilience. Developed…