In Less Than 24 Hours, Attackers Weaponize Cisco CUCM Flaw

The flaw enables server-side request forgery (SSRF) and escalates privileges to root, impacting Cisco Unified CM and Unified CM SME deployments.

EdTech Attackers Shift From Schools to Their Software Suppliers

Educational institutions, the edtech companies they rely on, and, more concerningly, the challenges they pose for schools are the focus of the latest Reporters' Notebook video series.

Local Police Collusion Hampers Crackdown on Asian Scam Centers

With tens of billions of dollars flowing into regional economies from cybercrime, scam centers continue to flourish, despite international and law-enforcement efforts.

Attackers Hit Cisco SD-WAN Flaw 2 Months Before Disclosure

Researchers believe rogue peering was used to connect to the victim's SD-WAN devices to gain admin privileges and root-level access.

Do CISOs Need a Code of Ethics?

Kickbacks, no-show jobs, "dirty" VCs, and shelf ware — industry expert Robert "RSnake" Hansen explains why he thinks its time for a CISO code of ethics to ensure cybersecurity bosses aren't engaged in self-dealing that could risk enterprise, and even national, security.

More Malicious OpenClaw Skills Threaten AI Supply Chain

OpenClaw removed five packages from ClawHub, its skills marketplace, that bypassed security checks even though they included infostealers and other threats.

Apple's MacOS Gap Lets Users Disable Security Tools

Attackers can exploit the issue to disable security and integrated browser tools without needing administrator privileges or kernel exploits.