by Beck Bailey | Sep 5, 2025 | RSS
Federal Civilian Executive Branch (FCEB) agencies are being advised to update their Sitecore instances by September 25, 2025, following the discovery of a security flaw that has come under active exploitation in the wild. The vulnerability, tracked as CVE-2025-53690,...
by Beck Bailey | Sep 5, 2025 | RSS
The threat actor behind the malware-as-a-service (MaaS) framework and loader called CastleLoader has also developed a remote access trojan known as CastleRAT. “Available in both Python and C variants, CastleRAT’s core functionality consists of collecting...
by Beck Bailey | Sep 5, 2025 | RSS
Hackers exploit X’s Grok AI to spread malware via promoted ads, exposing millions to malicious links in a scheme researchers call “Grokking.”
by Beck Bailey | Sep 5, 2025 | RSS
A critical security vulnerability impacting SAP S/4HANA, an Enterprise Resource Planning (ERP) software, has come under active exploitation in the wild. The command injection vulnerability, tracked as CVE-2025-42957 (CVSS score: 9.9), was fixed by SAP as part of its...
by Beck Bailey | Sep 5, 2025 | RSS
Pentesting remains one of the most effective ways to identify real-world security weaknesses before adversaries do. But as the threat landscape has evolved, the way we deliver pentest results hasn’t kept pace. Most organizations still rely on traditional...
Recent Comments