Security Bulletin

Attackers could achieve escalated SYSTEM privileges on Windows machines through the exploitation of a high-severity ASUS Armoury Crate system management software vulnerability, tracked as CVE-2025-3464, BleepingComputer reports.

Updates have been issued by Tenable to address a trio of high-severity security issues impacting its Nessus vulnerability scanner for Windows, reports Infosecurity Magazine.

[This is a guest diary by Christopher Crowley, https://montance.com ]

TechCrunch reports that leading North American grocery wholesaler United Natural Foods, Inc., has disclosed significant progress in restoring its electronic ordering systems following a cyberattack nearly two weeks ago, which has led to food...

Though its operations are running smoothly, the airline warned customers and employees to exercise caution when sharing personal information online.

(c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.

CISA issued a handful of alerts to address vulnerabilities in 10 industrial control appliances.

GrayAlpha uses custom loaders to deploy the NetSupport RAT backdoor.

Unlike typical data-stealing malware, this attack tool targets data specific to corporate and cloud infrastructures in order to execute supply chain attacks.

When security becomes a performance, the fallout isn’t just technical, it’s organizational.

The threat of wiping files and servers clean gives Anubis affiliates yet another way to leverage ransomware victims who may be hesitant to pay to get their data back, Trend Micro said.

Bad package takes aim at AI apps that contain MacOS data, CI/CD pipelines, and AWS tokens.