SonicWall has revealed that the recent spike in activity targeting its Gen 7 and newer firewalls with SSL VPN enabled is related to an older, now-patched bug and password reuse. “We now have high confidence that the recent SSL VPN activity is not connected to a zero-day vulnerability,” the company said. “Instead, there is a […]
Author Archives: Onsite Computing, Inc.
The Alliance for Creativity and Entertainment (ACE) announced the shutdown of Rare Breed TV, a major illegal IPTV service provider, after reaching a financial settlement with its operators. […] Go to Source Author: Sergiu Gatlan
Air France and KLM announced on Wednesday that attackers had breached a customer service platform and stolen the data of an undisclosed number of customers. […] Go to Source Author: Sergiu Gatlan
Microsoft has warned customers to mitigate a high-severity vulnerability in Exchange Server hybrid deployments that could allow attackers to escalate their privileges in Exchange Online cloud environments without leaving any traces. […] Go to Source Author: Sergiu Gatlan
Python is everywhere in modern software. From machine learning models to production microservices, chances are your code—and your business—depends on Python packages you didn’t write. But in 2025, that trust comes with a serious risk. Every few weeks, we’re seeing fresh headlines about malicious packages uploaded to the Python Package Index (PyPI)—many going undetected until […]
OpenAI is hosting a live stream at 10AM PT to announce GPT-5, but Microsoft has already confirmed the details. […] Go to Source Author: Mayank Parmar
Secrets managers hold all the keys to an enterprise’s kingdom. Two popular ones had longstanding, critical, unauthenticated RCE vulnerabilities. Go to Source Author: Nate Nelson, Contributing Writer
The now-patched vulnerabilities exist at the firmware level and enable deep persistence on compromised systems. Go to Source Author: Jai Vijayan, Contributing Writer
Cybersecurity researchers have demonstrated an “end-to-end privilege escalation chain” in Amazon Elastic Container Service (ECS) that could be exploited by an attacker to conduct lateral movement, access sensitive data, and seize control of the cloud environment. The attack technique has been codenamed ECScape by Sweet Security researcher Naor Haziz, who presented the findings today at […]
Akira ransomware is abusing a legitimate Intel CPU tuning driver to turn off Microsoft Defender in attacks from security tools and EDRs running on target machines. […] Go to Source Author: Bill Toulas