Apache Issues Max-Severity Tika CVE After Patch Miss – Dark Reading
The Apache Software Foundation’s earlier fix for a critical Tika flaw missed the full scope of the vulnerability, prompting an updated advisory and CVE. – Read More
Exploitation Activity Ramps Up Against React2Shell – Dark Reading
Attacks against CVE-2025-55182, which began almost immediately after public disclosure last week, have increased as more threat actors take advantage of the flaw. – Read More
US Treasury Tracks $4.5B in Ransom Payments since 2013 – Dark Reading
The US Treasury’s Financial Crimes Enforcement Network shared data showing how dramatically ransomware attacks have changed over time. – Read More
Apache Tika hit by critical vulnerability thought to be patched months ago – CSO Online
A security flaw in the widely-used Apache Tika XML document extraction utility, originally made public last summer, is wider in scope and more serious than first thought, the project’s maintainers…
When it comes to security resilience, cheaper isn’t always better – CSO Online
A procurement team throws a small party. They’ve shaved millions off the supplier budget. The CFO beams. The board applauds. Six months later, a cyber incident or supply disruption wipes…
Keep AI browsers out of your enterprise, warns Gartner – CSO Online
AI browsers including Perplexity Comet and OpenAI’s ChatGPT Atlas present security risks that cannot be adequately mitigated, and enterprises should prevent employees using them, according to Gartner. “Gartner strongly recommends…
Experts Confirm JS#SMUGGLER Uses Compromised Sites to Deploy NetSupport RAT – The Hacker News
Cybersecurity researchers are calling attention to a new campaign dubbed JS#SMUGGLER that has been observed leveraging compromised websites as a distribution vector for a remote access trojan named NetSupport RAT.…
Webinar Replay: Proactively managing evergreen change in Microsoft 365 – Legal IT Insider
The volume of changes in Microsoft 365 in general has grown by 65% year on year. For Microsoft Copilot, that jumps to 102%. Whether you’re part of a global enterprise…
Guest post: Why legal IT teams are re-evaluating their endpoint strategies – Legal IT Insider
By Steve Whiter, director at Appurity For years, law firms have depended on Citrix and other virtual desktop environments to deliver business-critical applications like Lexis Visualfiles. That approach made sense…
CEL Solicitors celebrates award win – Legal Futures
CEL Solicitors is celebrating after winning the Law Firm Award (50+ employees) at the Liverpool Law Society Annual Dinner and Legal Awards 2025. The post CEL Solicitors celebrates award win…
KI schafft neue Sicherheitsrisiken für OT-Netzwerke – CSO Online
Sicherheitsbehörden sehen in der vermehrten Nutzung von KI eine Gefahr für die Sicherheit von OT-Systemen. Durch bigjom jom – shutterstock.com Die Sicherheit der Betriebstechnik (Operational Technology – OT) in kritischen…
⚡ Weekly Recap: USB Malware, React2Shell, WhatsApp Worms, AI IDE Bugs & More – The Hacker News
It’s been a week of chaos in code and calm in headlines. A bug that broke the internet’s favorite framework, hackers chasing AI tools, fake apps stealing cash, and record-breaking…
How Can Retailers Cyber-Prepare for the Most Vulnerable Time of the Year? – The Hacker News
The holiday season compresses risk into a short, high-stakes window. Systems run hot, teams run lean, and attackers time automated campaigns to get maximum return. Multiple industry threat reports show…
‘Broadside’ Mirai Variant Targets Maritime Logistics Sector – Dark Reading
‘Broadside’ is targeting a critical flaw in DVR systems to conduct command injection attacks, which can hijack devices to achieve persistence and move laterally. – Read More
Android Malware FvncBot, SeedSnatcher, and ClayRat Gain Stronger Data Theft Features – The Hacker News
Cybersecurity researchers have disclosed details of two new Android malware families dubbed FvncBot and SeedSnatcher, as another upgraded version of ClayRat has been spotted in the wild. The findings come…