Security Bulletin

The outage mainly affected users in Moscow, who experienced interruptions to mobile, cable internet, and television services.

The issue impacted Nessus Agent versions 10.8.0 and 10.8.1 and rendered agents offline in regions including the Americas, Europe, and Asia. Tenable halted plugin updates to contain the problem and later released version 10.8.2 to address the shutdown...

The attacks, which targeted key sectors such as telecommunications, transportation, and defense, have disrupted vital government services and heightened concerns about Taiwan’s digital vulnerabilities.

In a virtual meeting with China’s Vice Premier He Lifeng, U.S. Treasury Secretary Janet Yellen expressed serious concern regarding alleged malicious cyber activities perpetrated by actors sponsored by the People’s Republic of China.

Integrating Phylum's technology would enable Veracode's Software Composition Analysis platform to accelerate identification and response to malicious packages in open-source libraries while providing customers with improved visibility on open-source...

Such figures represent a significant increase in government requests fulfilled by Telegram, which had only provided 108 users' information in response to 14 requests until September, when the messaging platform updated its privacy policy in aid of...

Low-code/no-code (LCNC) and robotic process automation (RPA) technologies allow companies to speed up development processes and reduce costs, but security is often overlooked. When this happens, the risks can outweigh the benefits.

CISA has added one new vulnerability to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. CVE-2025-0282 Ivanti Connect Secure Vulnerability These types of vulnerabilities are frequent attack vectors for malicious...

Ivanti released security updates to address vulnerabilities (CVE-2025-0282, CVE-2025-0283) in Ivanti Connect Secure, Policy Secure, and ZTA Gateways. A cyber threat actor could exploit CVE-2025-0282 to take control of an affected system. CISA has...

The southern African telco is the latest entity on the continent to have its critical infrastructure hacked, and attackers release sensitive info online when Telecom Namibia refuses to negotiate.

(c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.

Attackers could remotely reset the router password and inject commands through the reset password page.