NetmanageIT CTO Corner

Beware: PayPal subscriptions abused to send fake purchase emails

Beware: PayPal subscriptions abused to send fake purchase emails

BleepingComputer

CyberVolk’s ransomware debut stumbles on cryptography weakness

CyberVolk’s ransomware debut stumbles on cryptography weakness

BleepingComputer

CISA Adds Actively Exploited Sierra Wireless Router Flaw Enabling RCE Attacks

CISA Adds Actively Exploited Sierra Wireless Router Flaw Enabling RCE Attacks

Apple Issues Security Updates After Two WebKit Flaws Found Exploited in the Wild

Apple Issues Security Updates After Two WebKit Flaws Found Exploited in the Wild

Apple fixes two zero-day flaws exploited in 'sophisticated' attacks

Apple fixes two zero-day flaws exploited in 'sophisticated' attacks

BleepingComputer

Fake OSINT and GPT Utility GitHub Repos Spread PyStoreRAT Malware Payloads

Fake OSINT and GPT Utility GitHub Repos Spread PyStoreRAT Malware Payloads

Coupang data breach traced to ex-employee who retained system access

Coupang data breach traced to ex-employee who retained system access

BleepingComputer

Fake ‘One Battle After Another’ torrent hides malware in subtitles

Fake ‘One Battle After Another’ torrent hides malware in subtitles

BleepingComputer

Kali Linux 2025.4 released with 3 new tools, desktop updates

Kali Linux 2025.4 released with 3 new tools, desktop updates

BleepingComputer

Shadow spreadsheets: The security gap your tools can’t see

Shadow spreadsheets: The security gap your tools can’t see

BleepingComputer

New Advanced Phishing Kits Use AI and MFA Bypass Tactics to Steal Credentials at Scale

New Advanced Phishing Kits Use AI and MFA Bypass Tactics to Steal Credentials at Scale

New Windows RasMan zero-day flaw gets free, unofficial patches

New Windows RasMan zero-day flaw gets free, unofficial patches

BleepingComputer

Securing GenAI in the Browser: Policy, Isolation, and Data Controls That Actually Work

Securing GenAI in the Browser: Policy, Isolation, and Data Controls That Actually Work

CISA orders feds to patch actively exploited Geoserver flaw

CISA orders feds to patch actively exploited Geoserver flaw

BleepingComputer

New React RSC Vulnerabilities Enable DoS and Source Code Exposure

New React RSC Vulnerabilities Enable DoS and Source Code Exposure

MITRE shares 2025's top 25 most dangerous software weaknesses

MITRE shares 2025's top 25 most dangerous software weaknesses

BleepingComputer

React2Shell Exploitation Escalates into Large-Scale Global Attacks, Forcing Emergency Mitigation

React2Shell Exploitation Escalates into Large-Scale Global Attacks, Forcing Emergency Mitigation

MKVCinemas streaming piracy service with 142M visits shuts down

MKVCinemas streaming piracy service with 142M visits shuts down

BleepingComputer

CISA Flags Actively Exploited GeoServer XXE Flaw in Updated KEV Catalog

CISA Flags Actively Exploited GeoServer XXE Flaw in Updated KEV Catalog

Brave browser starts testing agentic AI mode for automated tasks

Brave browser starts testing agentic AI mode for automated tasks

BleepingComputer

Hackers exploit Gladinet CentreStack cryptographic flaw in RCE attacks

Hackers exploit Gladinet CentreStack cryptographic flaw in RCE attacks

BleepingComputer

Notepad++ fixes flaw that let attackers push malicious update files

Notepad++ fixes flaw that let attackers push malicious update files

BleepingComputer

Malicious VSCode Marketplace extensions hid trojan in fake PNG file

Malicious VSCode Marketplace extensions hid trojan in fake PNG file

BleepingComputer

UK fines LastPass over 2022 data breach impacting 1.6 million users

UK fines LastPass over 2022 data breach impacting 1.6 million users

BleepingComputer

Microsoft bounty program now includes any flaw impacting its services

Microsoft bounty program now includes any flaw impacting its services

BleepingComputer