Cisco email security products actively targeted in zero-day campaign

A China-affiliated threat actor has been abusing a zero-day vulnerability in multiple Cisco email appliances to gain access to the underlying system and establish persistence. Cisco confirmed the news ...
Hackaday

This Week In Security: PostHog, Project Zero Refresh, And Thanks For All The Fish

There’s something immensely satisfying about taking a series of low impact CVEs, and stringing them together into a full exploit. That’s the story we have from [Mehmet Ince] of ...
Security Boulevard

SSH vs SSL/TLS: Definitions & Differences of Communication Protocols

What is SSL/TLS? SSL and TLS are protocols used on the transport layer, which is used to provide a secure connection between two nodes in a computer network. The first widely used protocol that was ...
SecurityWeek

SonicWall Patches Exploited SMA 1000 Zero-Day

Threat actors are chaining CVE-2025-40602, a fresh SonicWall zero-day, with CVE-2025-23006 for unauthenticated remote code ...

Cisco has a 'Chinese warning': Critical flaw gives Chinese hackers complete access to...

Chinese hackers are exploiting a critical Cisco email security flaw, gaining root access and installing backdoors. This ...
Dark Reading

SonicWall Edge Access Devices Hit by Zero-Day Attacks

In the attacks against the vendor's SMA1000 line, threat actors chained a new zero-day flaw with a critical vulnerability ...
Design News

A Proactive Patching Strategy Aims to Mitigate AI-Driven Attacks

AI-driven attacks on manufacturing security are increasing dramatically year over year, said Chaz Spahn, director of product management at Adaptiva, tells Design News. For instance, “40,000 ...
GitHub

A vulnerability in the SSH restricted shell interface of...

This score calculates overall vulnerability severity from 0 to 10 and is based on the Common Vulnerability Scoring System (CVSS). Attack vector: More severe the more the remote (logically and ...
ZDNet

DripDropper Linux malware cleans up after itself - how it works

DripDropper exploits an old server security hole. After infection, DripDropper patches the hole itself. Simple patch discipline could have stopped the exploit. Get more in-depth ZDNET tech coverage: ...
Insider Monkey

Qualys (QLYS) Wins Two Pwnie Awards at DEF CON for Groundbreaking OpenSSH Vulnerability Research

Qualys, Inc. (NASDAQ:QLYS) is one of the best mid cap AI stocks to buy right now. Qualys, Inc. (NASDAQ:QLYS) is one of the best midcap AI stocks to buy right now. On August 12, 2025, Qualys announced ...
ZDNet

Cisco patches critical security hole in Firewall Management Center - act now

Cisco's Secure Firewall Management Center security hole is as bad as they get. There is no mitigation and no workaround. Patch immediately. So far, no confirmed active exploits have been confirmed.
Insider Monkey

11 Best Mid Cap AI Stocks to Buy Right Now

Qualys, Inc. (NASDAQ:QLYS) is one of the best midcap AI stocks to buy right now. On August 12, 2025, Qualys announced that its Threat Research Unit (TRU) received two Pwnie Awards at the DEF CON ...