#1
CISA: Recently patched RoundCube flaws now exploited in attacks CISA flagged two Roundcube Webmail vulnerabilities as actively exploited in attacks and ordered U.S. federal agencies to patch them within three weeks.
Active exploit / zero-day; Patch / fix available; Government agency; Category: Security
#2
Critical SolarWinds Serv-U flaws offer root access to servers SolarWinds has patched four critical Serv-U remote code execution vulnerabilities that could grant attackers root access to unpatched servers. [...]
Critical severity; Category: Security
#3
ShinyHunters extortion gang claims Odido breach affecting millions The ShinyHunters extortion gang has claimed responsibility for breaching Dutch telecommunications provider Odido and stealing millions of user records f…
Breach / data leak; Category: Security
#4
Ad tech firm Optimizely confirms data breach after vishing attack New York-based ad tech company Optimizely has notified an undisclosed number of customers of a data breach after threat actors compromised some of its sy…
Breach / data leak; Category: Security
#5
When identity isn’t the weak link, access still is Stolen tokens and compromised devices let attackers reuse trust without breaking authentication. Specops Software explains why identity alone isn't enough and how conti…
Breach / data leak; Category: Security