Category: Security
Threat Spotlight: Tycoon phishing kit reveals new techniques to hide malicious links
Phishing emails often feature malicious links (URLs) that lead victims to fake websites where they are infected with harmful software or tricked into giving away personal information such as their account credentials. Uncover how these attacks work in the latest...
Cybersecurity Threat Advisory: Passwordstate emergency patch released
Click Studios has released an emergency update for Passwordstate 9.9 to address a high-severity security vulnerability. According to the changelog, the flaw could be exploited to bypass authentication. Review the details in this Cybersecurity Threat Advisory to reduce your risk...
Cybersecurity Threat Advisory: Critical FreePBX zero-day vulnerability
Researchers have discovered a zero-day vulnerability in Sangoma FreePBX, identified as CVE-2025-57819. This flaw allows unauthenticated remote attackers to take control of affected PBX systems, potentially resulting in remote code execution (RCE), arbitrary database manipulation, and full system compromise. Review...
Back to school, back to scams part 2: Mitigation in motion
As students and faculty return to campuses across the nation this fall, they’re not the only ones getting back into the swing of things. Cybercriminals are also sharpening their pencils – or rather, their phishing emails and ransomware attacks –...
Evil-GPT: The “Enemy of ChatGPT”
In the ever-evolving landscape of cybercrime, one tool has emerged as a particularly insidious player: Evil-GPT. Marketed on hacker forums on the dark web as the “ultimate enemy of ChatGPT” and the “best alternative to WormGPT,” this malicious artificial intelligence...
Cybersecurity Threat Advisory: Citrix patches NetScaler flaws
Citrix has issued patches for three zero-day vulnerabilities affecting NetScaler ADC and Gateway, including one that attackers have already begun exploiting. Review the details in this Cybersecurity Threat Advisory to reduce your risk from these threats. What is the threat?...
Back to school, back to scams
As August fades into September, certain sights and sounds return like clockwork: bright yellow school buses rumbling down the roads, playgrounds echoing with the squeals of energetic children, and the slow shift of the seasons. As schools ease into their...
The dark side of generative AI: Unveiling the AI threat landscape
Generative artificial intelligence (Gen AI) has unleashed a new threat landscape for cybercrime. Threat actors now weaponize large language models (LLMs), which once served primarily legitimate purposes. Underground forums and dark web marketplaces are buzzing with “dark LLMs” — custom...
AI tools spark surge in security service needs
The rapid spread of generative artificial intelligence (Gen AI) tools has reached a tipping point, raising serious cybersecurity concerns, and creating opportunities for managed service providers (MSPs). A survey of 200 North American security leaders conducted by OpinionRoute on behalf...
Cybersecurity Threat Advisory: Critical SAP NetWeaver vulnerabilities
Researchers have uncovered a chained vulnerability in SAP NetWeaver Visual Composer involving authentication bypass and insecure deserialization. These critical flaws—tracked as CVE-2025-31324 and CVE-2025-42999—are currently being exploited in an active threat campaign targeting exposed Visual Composer servers. Review the details...
