Our news

  • Updated Guidance on Play Ransomware

    CISA, the Federal Bureau of Investigation (FBI), and the Australian Signals Directorate’s Australian Cyber Security Centre (ASD’s ACSC) have issued an updated advisory on Play ransomware, also known as Playcrypt. This advisory highlights new tactics, techniques, and procedures used by the Play ransomware group and provides updated indicators of compromise (IOCs) to enhance threat detection. Since


  • Preparing Global SOCs for Emerging Cyber Threat Trends

    The cyber threat landscape is evolving as threats shift to emerging technologies. Today, the targets are not just healthcare, finance, or government institutions. Organizations and infrastructures of all kinds, from ransomware that paralyzes or shuts down operations to supply-chain breaches that expose sensitive data, are in the crosshairs of rampant cybercriminals who are constantly evolving


  • Vulnerability Summary for the Week of May 26, 2025

    High Vulnerabilities (columns: Primary Vendor — Product | Description | Published | CVSS Score | Source Info). 1000 Projects–Daily College Class Work Report Book: A vulnerability classified as critical has been found in 1000 Projects Daily College Class Work Report Book 1.0. Affected is an unknown function of the file /dcwr_entry.php. The manipulation of the argument Date leads to SQL injection.


  • Vulnerability Summary for the Week of May 19, 2025

    High Vulnerabilities (columns: Primary Vendor — Product | Description | Published | CVSS Score | Source Info). AutomationDirect–MB-Gateway: The embedded web server lacks authentication and access controls, allowing unrestricted remote access. This could lead to configuration changes, operational disruption, or arbitrary code execution depending on the environment and exposed functionality. Published 2025-05-21; CVSS score 10; CVE-2025-36535. mojoomla–Hospital Management System: Unrestricted Upload of File with


  • New Guidance for SIEM and SOAR Implementation

    Today, CISA, in collaboration with the Australian Signals Directorate’s Australian Cyber Security Centre (ASD’s ACSC) and other international and U.S. partners, released new guidance for organizations seeking to procure Security Information and Event Management (SIEM) and Security Orchestration, Automation, and Response (SOAR) platforms. This guidance includes the following three resources: Implementing SIEM and SOAR Platforms


  • Advisory Update on Cyber Threat Activity Targeting Commvault’s SaaS Cloud Application (Metallic)

    Commvault is monitoring cyber threat activity targeting their applications hosted in their Microsoft Azure cloud environment. Threat actors may have accessed client secrets for Commvault’s (Metallic) Microsoft 365 (M365) backup software-as-a-service (SaaS) solution, hosted in Azure. This provided the threat actors with unauthorized access to Commvault’s customers’ M365 environments that have application secrets stored by Commvault.


  • New Best Practices Guide for Securing AI Data Released

    Today, CISA, the National Security Agency, the Federal Bureau of Investigation, and international partners released a joint Cybersecurity Information Sheet on AI Data Security: Best Practices for Securing Data Used to Train & Operate AI Systems. This information sheet highlights the critical role of data security in ensuring the accuracy, integrity, and trustworthiness of AI


  • Threat Actors Deploy LummaC2 Malware to Exfiltrate Sensitive Data from Organizations

    Summary: The Federal Bureau of Investigation (FBI) and the Cybersecurity and Infrastructure Security Agency (CISA) are releasing this joint advisory to disseminate known tactics, techniques, and procedures (TTPs) and indicators of compromise (IOCs) associated with threat actors deploying the LummaC2 information stealer (infostealer) malware. LummaC2 malware is able to infiltrate victim computer networks and exfiltrate


  • Russian GRU Targeting Western Logistics Entities and Technology Companies

    Executive Summary: This joint cybersecurity advisory (CSA) highlights a Russian state-sponsored cyber campaign targeting Western logistics entities and technology companies. This includes those involved in the coordination, transport, and delivery of foreign assistance to Ukraine. Since 2022, Western logistics entities and IT companies have faced an elevated risk of targeting by the Russian General Staff


  • Threat Actors Target U.S. Critical Infrastructure with LummaC2 Malware

    Today, CISA and the Federal Bureau of Investigation released a joint Cybersecurity Advisory, LummaC2 Malware Targeting U.S. Critical Infrastructure Sectors. This advisory details the tactics, techniques, and procedures, and indicators of compromise (IOCs) linked to threat actors deploying LummaC2 malware. This malware poses a serious threat, capable of infiltrating networks and exfiltrating sensitive information, to
