Author Info

Conifers.ai, an innovative startup specializing in AI-driven security solutions, has recently secured a $25 million investment to develop its unique "agentic AI" technology. This funding aims to address complex issues faced by security operations centers (SOC) globally. Advancing SOC Capabilities with Cognitive AI Based in Israel and

The New York Blood Center (NYBC), a major player in blood collection and distribution, encountered a ransomware attack that has led to the rescheduling of some donation appointments. This organization, which gathers close to 4,000 blood units daily, serves a vast population across more than a dozen states and

VMware has released security updates addressing multiple vulnerabilities in its Aria Operations and Aria Operations for Logs products. These patches aim to prevent malicious actors from gaining administrative-level access through these flaws. Understanding the Vulnerabilities Among the most critical of the issues are two information disclosure vulnerabilities, identified as CVE-2025-22218

Researchers have identified three significant vulnerabilities in the open-source PHP package Voyager, which is used to manage Laravel applications. These flaws could allow attackers to perform remote code execution (RCE) attacks with just one malicious click. The Vulnerabilities Unveiled Despite efforts to report these issues, the vulnerabilities remain unpatched. They

Wiz Research recently uncovered a ClickHouse database related to DeepSeek that was left publicly accessible without any authentication. This exposure allowed complete control over the database, leaking over a million entries of log streams that included chat history, secret keys, backend details, and other critical information. Following a responsible disclosure

Investigations into North Korea's Lazarus group's recent cyberattacks on global cryptocurrency companies and software developers have revealed a hidden administrative layer. This platform is used by the attackers to centrally control the campaign's command and control (C2) framework. Discovery of the Admin Layer Researchers

Recent security incidents highlight how the Solana Pump.fun tool, known as DogWifTool, has been compromised, leading to severe financial consequences for users. A supply chain attack was executed targeting the Windows client of this tool, resulting in significant malware distribution. Nature of the Attack The attack originates from a

A previously undiscovered vulnerability in Zyxel CPE Series devices is being actively targeted by cybercriminals, highlighting the urgent need for a patch. The security flaw, identified as CVE-2024-40891, was initially reported by VulnCheck, a firm specializing in vulnerability intelligence, last July. Despite the passage of six months, Zyxel has not

The United States Cybersecurity and Infrastructure Security Agency (CISA) has included a security flaw affecting multiple Apple products in its Known Exploited Vulnerabilities (KEV) catalog. This vulnerability, identified as CVE-2025-24085, is a significant issue that Apple has recently addressed with security updates. Details of the Vulnerability Apple released these security