Fortinet Patches CVE-2025-32756 Zero-Day RCE Flaw Exploited in FortiVoice Systems The Hacker [email protected] (The Hacker News)
May 13, 2025

Fortinet has patched a critical security flaw that it said has been exploited as a zero-day in attacks targeting FortiVoice enterprise phone systems. The vulnerability, tracked as CVE-2025-32756, carries a CVSS …


Ivanti Patches EPMM Vulnerabilities Exploited for Remote Code Execution in Limited Attacks The Hacker [email protected] (The Hacker News)
May 13, 2025

Ivanti has released security updates to address two security flaws in Endpoint Manager Mobile (EPMM) software that have been chained in attacks to gain remote code execution. The vulnerabilities in question …


Hacktivists Make Little Impact During India-Pakistan Conflict darkreadingRobert Lemos, Contributing Writer
May 13, 2025

While hacktivists claimed more than 100 successful attacks against Indian government, education, and military targets, the attacks were overblown in most cases and often did not even happen. While hacktivists claimed …


ISC Stormcast For Wednesday, May 14th, 2025 https://isc.sans.edu/podcastdetail/9450, (Wed, May 14th) SANS Internet Storm Center, InfoCON: green
May 13, 2025

(c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License. (c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.  ​Read More


Building Effective Security Programs Requires Strategy, Patience, and Clear Vision darkreadingArielle Waldman
May 13, 2025

Capital One executives share insights on how organizations should design their security program, implement passwordless technologies, and reduce their attack surface. Capital One executives share insights on how organizations should design …


Windows Zero-Day Bug Exploited for Browser-Led RCE darkreadingTara Seals
May 13, 2025

Microsoft's May 2025 Patch Tuesday update also contains four other actively exploited zero-day security vulnerabilities, two publicly known bugs, and 12 critical patches. Microsoft's May 2025 Patch Tuesday update also contains …


Chinese Actor Hit Taiwanese Drone Makers, Supply Chains darkreadingJai Vijayan, Contributing Writer
May 13, 2025

Tidrone concentrated on military entities and the satellite sector, using their associated service providers and ERP software to infect not just drones but all the entities that are part of …


What Does EU’s Bug Database Mean for Vulnerability Tracking? darkreadingAlexander Culafi, Senior News Writer, Dark Reading
May 13, 2025

The EU cyber agency ENISA has launched its vulnerability database, the EUVD; security experts shared their thoughts regarding what this means for CVEs, as well as the larger conversation around …


CISA Warns of TeleMessage Vuln Despite Low CVSS Score darkreadingKristina Beek, Associate Editor, Dark Reading
May 13, 2025

Though the app claims to use end-to-end encryption, hackers have reportedly accessed archived data on the app's servers via a new vulnerability. Though the app claims to use end-to-end encryption, hackers …


Microsoft Patch Tuesday: May 2025, (Tue, May 13th) SANS Internet Storm Center, InfoCON: green
May 13, 2025

Today, Microsoft released its expected update for the May patch on Tuesday. This update fixes 78 vulnerabilities. 11 are rated as critical, and 66 as important. Five of the vulnerabilities …