Trend Micro has warned customers to immediately secure their systems against an actively exploited remote code execution vulnerability in its Apex One endpoint security platform. […]
Black Hat USA 2025 – Summary of Vendor Announcements (Part 2)
Many companies are showcasing their products and services this week at the 2025 edition of the Black Hat conference in Las Vegas.
The post Black Hat USA 2025 – Summary of Vendor Announcements (Part 2) appeared first on SecurityWeek.
Adobe Issues Out-of-Band Patches for AEM Forms Vulnerabilities With Public PoC
Adobe has released urgent security updates to resolve two AEM Forms vulnerabilities for which proof-of-concept (PoC) code exists.
The post Adobe Issues Out-of-Band Patches for AEM Forms Vulnerabilities With Public PoC appeared first on SecurityWeek.
Microsoft pays record $17 million in bounties over the last 12 months
Microsoft paid a record $17 million this year to 344 security researchers across 59 countries through its bug bounty program. […]
Trend Micro Confirms Active Exploitation of Critical Apex One Flaws in On-Premise Systems
Trend Micro has released mitigations to address critical security flaws in on-premise versions of Apex One Management Console that it said have been exploited in the wild.
The vulnerabilities (CVE-2025-54948 and CVE-2025-54987), both rated 9.4 on the CVSS scoring system, have been described as management console command injection and remote code execution flaws.
“A vulnerability in Trend Micro
The vulnerabilities (CVE-2025-54948 and CVE-2025-54987), both rated 9.4 on the CVSS scoring system, have been described as management console command injection and remote code execution flaws.
“A vulnerability in Trend Micro
CERT-UA Warns of HTA-Delivered C# Malware Attacks Using Court Summons Lures
The Computer Emergency Response Team of Ukraine (CERT-UA) has warned of cyber attacks carried out by a threat actor called UAC-0099 targeting government agencies, the defense forces, and enterprises of the defense-industrial complex in the country.
The attacks, which leverage phishing emails as an initial compromise vector, are used to deliver malware families like MATCHBOIL, MATCHWOK, and
The attacks, which leverage phishing emails as an initial compromise vector, are used to deliver malware families like MATCHBOIL, MATCHWOK, and
AI Is Transforming Cybersecurity Adversarial Testing – Pentera Founder’s Vision
When Technology Resets the Playing Field
In 2015 I founded a cybersecurity testing software company with the belief that automated penetration testing was not only possible, but necessary. At the time, the idea was often met with skepticism, but today, with 1200+ of enterprise customers and thousands of users, that vision has proven itself. But I also know that what we’ve built so far is only
In 2015 I founded a cybersecurity testing software company with the belief that automated penetration testing was not only possible, but necessary. At the time, the idea was often met with skepticism, but today, with 1200+ of enterprise customers and thousands of users, that vision has proven itself. But I also know that what we’ve built so far is only
CISA Adds 3 D-Link Router Flaws to KEV Catalog After Active Exploitation Reports
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Tuesday added three old security flaws impacting D-Link routers to its Known Exploited Vulnerabilities (KEV) catalog, based on evidence of active exploitation in the wild.
The high-severity vulnerabilities, which are from 2020 and 2022, are listed below –
The high-severity vulnerabilities, which are from 2020 and 2022, are listed below –
CVE-2020-25078 (CVSS score: 7.5) – An unspecified vulnerability in D-Link
Pandora confirms data breach amid ongoing Salesforce data theft attacks
Danish jewelry giant Pandora has disclosed a data breach after its customer information was stolen in the ongoing Salesforce data theft attacks. […]
PBS confirms data breach after employee info leaked on Discord servers
PBS has suffered a data breach exposing the corporate contact information of its employees and those of its affiliates, BleepingComputer has learned. […]