HEADS UP SAP CUSTOMERS- A mission-destroying CVSS 10.0 vulnerability in SAP NetWeaver’s Visual Composer is under active exploitation. Unauthenticated attackers are achieving full remote code execution (RCE). Immediate patching—or disabling Visual Composer—is critical.

Back on March 29th, we warned you that a new NTLM zero-day was leaving millions of Windows systems exposed. Now, CVE-2025-24054 is being actively exploited in the wild — and attackers are weaponizing it with alarming speed. Here’s what you need to know right now.

Two Apple zero-days—CVE-2025-31200 and CVE-2025-31201—are being actively exploited in the wild to hack iPhones, iPads, Macs, and more. These aren’t hypothetical bugs. This is real-world code execution and hardware bypass in action. Patch now. Delay later. Regret optional.

Four newly disclosed flaws in Windows Task Scheduler let attackers quietly escalate privileges, impersonate admins, and even wipe forensic logs. No CVEs. No patches. If you’re running Windows, you’re in the blast radius. Here’s how it works—and how to fight back.

A remote, unauthenticated attacker can crash unpatched Palo Alto firewalls using a single packet—even if you’re not using the affected SCEP feature. That’s a bad day for anyone. For colleges? It could knock students offline, disrupt LMS access, and throw your IT team into chaos. Here’s what you need to know and patch now.

If your website runs WordPress, stop what you’re doing and check your plugins. Three newly disclosed—and very real—vulnerabilities are putting thousands of sites at immediate risk. One is already being actively exploited just hours after disclosure.

Here’s what you need to know, what’s at risk, and how to lock things down before attackers walk right in.

Two newly disclosed Android vulnerabilities—CVE-2024-53150 and CVE-2024-53197—are being actively exploited to extract sensitive data from locked devices. The catch? All it takes is a malicious USB cable. Here’s what higher ed and healthcare orgs need to know, and why MDM USB lockdown is your new best friend.

Just because you patched your FortiGate firewalls doesn’t mean you’re safe. Attackers are using a sneaky post-exploitation trick—placing symbolic links in the SSL-VPN language directory—to retain read-only access to the entire filesystem.

e Cybersecurity and Infrastructure Security Agency (CISA) has issued new advisories highlighting severe vulnerabilities in industrial control systems (ICS) from Siemens, Rockwell Automation, and ABB. These vulnerabilities pose significant risks to the Energy and Critical Manufacturing sectors, demanding immediate attention and action.

Discover how the Luna Moth group is redefining phishing attacks by exploiting human trust and bypassing traditional security measures. Learn how to safeguard your business against this emerging threat.The Luna Moth Callback Phishing scheme is a...

Microsoft’s April 2025 security update tackles 134 vulnerabilities, including 11 Critical Remote Code Execution flaws that pose urgent risks to organizations in education, healthcare, and beyond.

A new zero-day in the Windows CLFS driver is being actively exploited by RansomEXX-linked actors. CVE-2025-29824 enables local attackers to escalate to SYSTEM privileges with no user interaction—turning a basic foothold into full system compromise. Windows 10 remains unpatched as of April 9, 2025. Here’s what you need to know—and do—right now.

A significant security flaw has been identified in WinRAR versions prior to 7.11, known as CVE-2025-31334. This vulnerability allows attackers to bypass Windows' Mark of the Web (MotW) security warnings, potentially enabling malicious code...