Patch Now: Another Palo Alto Auth Bypass Bug Under Active Exploit – Dark Reading
Exploiting the PAN-OS GlobalProtect VPN vulnerability requires certain conditions, but adversaries have done so in two attack waves that started in mid-May. – Read More
Orange Rag Legal Tech Clinic: Law Firms Can’t AI Their Way Out of a Talent Strategy Problem – Legal IT Insider
Our latest Orange Rag industry expert is Patrick Hurley, global lead for applications management solutions at Harbor, based in London. Hurley says that the question for law firms now, more…
⚡ Weekly Recap: New Linux Flaw, PAN-OS Exploit, AI-Powered Attacks, OAuth Phishing and More – The Hacker News
Monday hit like a cron job with anger issues. A busted auth path here, a repo-side faceplant there, some “patched-ish” thing already getting chewed on in the wild, and then…
Why replacement vehicle claims are increasing after UK road traffic accidents – Legal Futures
At National Claims, we are seeing increasing numbers of enquiries from drivers seeking advice about replacement vehicle after accident arrangements, particularly where repairs are taking far longer than expected. The…
Flowise’s MCP implementation can run ghost commands – CSO Online
Enterprises using the lightweight, open-source Flowise platform to power self-hosted AI workloads have a new near-max severity issue to worry about. Researchers at Obsidian Security have detailed a one-click remote…
China-Aligned Groups Ramp Up Attacks: Dragon Weave Hits Czech Republic & Taiwan – The Hacker News
A new cyber espionage campaign codenamed Operation Dragon Weave has been observed targeting officials and citizens in the Czech Republic and Taiwan to deliver an AdaptixC2 agent. According to Seqrite…
The Security Growth Platform: Why MSPs Are Moving Beyond vCISO Tools – The Hacker News
Three years ago, the practical question for an MSP building a cybersecurity practice was which “vCISO platform” to buy. The term was good shorthand for the work at the time:…
OpenAI Codex Authentication Tokens Stolen in codexui-android npm Supply Chain Attack – The Hacker News
Cybersecurity researchers have disclosed details of a new malicious supply chain campaign that’s targeting developers using OpenAI Codex through a legitimate-looking remote web UI. The tool, named codexui-android, is advertised…
Transatlantic tie-up creating Winston Taylor goes live – Legal Cheek
New BigLaw giant The transatlantic merger between Taylor Wessing’s UK arm and US player Winston & Strawn has officially gone live today, creating a new BigLaw beast boasting over 1,400…
Critical WP Maps Pro Flaw Actively Exploited to Create Admin Accounts – The Hacker News
Threat actors are attempting to actively exploit a critical security flaw impacting WP Maps Pro, a WordPress plugin that has had over 15,000 sales on the Envato Market, to create…
Poole Alcock: Using The National Will Register to make wills easier to find – Legal Futures
According to The National Wills Report 2025, half of UK adults haven’t told anyone where their will is stored – or even if one exists. The post Poole Alcock: Using…
Claims against non-traditional professionals: A developing area for professional negligence – Legal Futures
Professional negligence claims have traditionally centred on established professions such as solicitors, accountants and architects. However, an increasing number of disputes now involve advisers whose roles sit alongside or support…
6 critical security gaps every CISO must address – CSO Online
CISOs acknowledge that no organization is completely safe, but many also admit their security measures aren’t where they’d like them to be. One-third of CISOs surveyed for Proofpoint’s 2025 Voice…
Clyde & Co opens redundancy talks with support staff – Legal Cheek
Centralise operations Clyde & Co has entered into consultation with support staff over potential job losses as the firm moves to centralise its operations. The firm is proposing to shift…
Spell-check tool to be trialled in SQE2 – Legal Cheek
Follows independent reviewer’s recommendation A spell-check tool is to be trialled in SQE2 written assessments for the first time, the Solicitors Regulation Authority (SRA) has announced. The tool, which will…