Microsoft Patches Highest-Severity ASP.NET Core Flaw to Date
This week, Microsoft addressed a critical vulnerability in the Kestrel ASP.NET Core web server—one that’s earned the highest severity rating ever recorded for the platform. […]
Month: October 2025
Operation Zero Disco: Cisco SNMP Flaw Used to Deploy Linux Rootkits
Trend Micro has uncovered a sophisticated campaign—dubbed Operation Zero Disco—that weaponizes a recently patched SNMP vulnerability in Cisco IOS and IOS XE software (CVE-2025-20352, CVSS […]
Capita Fined £14M for Data Breach—A Case Study in Response Failure and Regulatory Risk
Capita, one of the UK’s largest outsourcing and professional services firms, has been fined £14 million by the Information Commissioner’s Office (ICO) for a 2023 […]
Fortinet NSE Certification Program Revamped—What IT Professionals Need to Know
Effective October 15, 2025, Fortinet has rolled out major enhancements to its NSE Certification Program, reintroducing the NSE 1–8 progression model and realigning certification tracks […]
Fortinet & Ivanti Patch High-Severity Vulnerabilities—Here’s What IT Leaders Need to Know
October’s Patch Tuesday brought critical updates from Fortinet and Ivanti, addressing dozens of vulnerabilities across their product lines. While no active exploitation has been reported, […]
Microsoft’s October Patch Tuesday Fixes 172 Flaws—Including 6 Zero-Days
Microsoft’s October 2025 Patch Tuesday is one of the most critical in recent memory, addressing 172 vulnerabilities across its ecosystem—including six zero-day flaws, five remote […]
F5 Breach Exposes BIG-IP Source Code and Undisclosed Vulnerabilities—A Nation-State Wake-Up Call
F5 Networks, a cornerstone of enterprise application delivery and security, has disclosed a breach involving long-term unauthorized access to its BIG-IP product development environment. Nation-state […]
Crypto-Stealing VSCode Extensions Resurface—A Warning for Developers and Security Teams
A new report from Koi Security has revealed that malicious Visual Studio Code (VSCode) extensions—previously removed from Microsoft’s marketplace—have resurfaced on OpenVSX, a community-maintained registry […]
SimonMed Breach: 1.2 Million Patients Exposed in Medusa Ransomware Attack
SimonMed Imaging, one of the largest outpatient medical imaging providers in the U.S., has confirmed a data breach affecting over 1.2 million individuals. The breach, […]
Harvard Breach Tied to Oracle Zero-Day—A Familiar Pattern with Clop’s Playbook
Harvard University has confirmed it’s investigating a data breach linked to a zero-day vulnerability in Oracle’s E-Business Suite—an exploit now tracked as CVE-2025-61882. The Clop […]