SecurityBrief UK - Technology news for CISOs & cybersecurity decision-makers
United Kingdom

Common Vulnerabilities and Exposures (CVE) Stories - Page 5

Global Stories

Common Vulnerabilities and Exposures (CVE) stories

FBI & CISA warn of Ghost ransomware threats worldwide
Malware

FBI & CISA warn of Ghost ransomware threats worldwide

The FBI and CISA have alerted organisations to increased cyber threats from China's Ghost ransomware group, affecting over 70 countries through outdated software.

By Kaleah Salmon 2 min read Tue, 25th Feb 2025
Microsoft's February 2025 patch fixes 56 vulnerabilities
Malware

Microsoft's February 2025 patch fixes 56 vulnerabilities

Microsoft has patched 56 vulnerabilities in its February 2025 update, including two now exploited, marking a fifth month of no critical zero-days released.

By Sean Mitchell 3 min read Mon, 24th Feb 2025
The State of Java in 2025: Oracle's dominance is over
Artificial Intelligence

The State of Java in 2025: Oracle's dominance is over

In a significant shift, 90% of Australian firms are eyeing alternatives to Oracle Java, citing concerns over its pricing and cloud inefficiencies, according to a new survey.

By Simon Ritter 4 min read Fri, 21st Feb 2025
High-severity SQL vulnerability found in PostgreSQL tool
Rapid7

High-severity SQL vulnerability found in PostgreSQL tool

Rapid7 has revealed a critical SQL injection vulnerability in PostgreSQL's psql tool, potentially exposing users to severe security risks.

By Melania Watson 2 min read Fri, 14th Feb 2025
GitHub partners with Endor Labs to boost security features
Cloud Security

GitHub partners with Endor Labs to boost security features

GitHub has partnered with Endor Labs, integrating advanced security software to help developers swiftly identify and manage critical vulnerabilities within the platform.

By Catherine Knowles 2 min read Fri, 14th Feb 2025
Akamai uncovers critical Kubernetes flaw for Windows nodes
Virtualisation

Akamai uncovers critical Kubernetes flaw for Windows nodes

Akamai's security team has revealed a serious flaw in Kubernetes, allowing remote code execution on Windows endpoints, posing significant risks to clusters.

By Shannon Williams 3 min read Tue, 28th Jan 2025
Zyxel Networks wins 2024 award for firewall innovation
Firewalls

Zyxel Networks wins 2024 award for firewall innovation

Zyxel Networks has won the 2024 Cyber Security Award for Innovation for its USG FLEX 200HP Security Firewall, enhancing global digital resilience.

By Sean Mitchell 2 min read Tue, 21st Jan 2025
Fortinet firewalls hit by major data leak and zero-day flaw
Firewalls

Fortinet firewalls hit by major data leak and zero-day flaw

A major data leak impacting Fortinet firewalls has revealed sensitive information from 15,000 devices following a critical vulnerability, prompting urgent cybersecurity measures.

By Catherine Knowles 3 min read Fri, 17th Jan 2025
A look ahead: Experts weigh in on 2025 cybersecurity trends
Artificial Intelligence

A look ahead: Experts weigh in on 2025 cybersecurity trends

As experts forecast 2025's cybersecurity trends, organisations are urged to enhance their defences against evolving AI-driven threats and embrace unified security solutions.

By Radware 8 min read Thu, 16th Jan 2025
January Patch Tuesday reveals 161 vulnerabilities
Email Security

January Patch Tuesday reveals 161 vulnerabilities

On January's Patch Tuesday, Microsoft revealed 161 vulnerabilities, including eight under active exploitation, with no browser flaws noted this month.

By Adam Barnett 6 min read Thu, 16th Jan 2025
Microsoft patches record 157 vulnerabilities in January 2025
Advanced Persistent Threat Protection

Microsoft patches record 157 vulnerabilities in January 2025

Microsoft has unveiled its January 2025 Patch Tuesday update, tackling a record 157 vulnerabilities, including eight critical zero-day flaws.

By Imee Dequito 3 min read Wed, 15th Jan 2025
How AI and software development will continue to shape the developer community in 2025
Supply Chain

How AI and software development will continue to shape the developer community in 2025

In 2025, organisations must navigate the complexities of AI integration in software development, balancing innovation with security and skilled developer support.

By Pieter Danhieux and Matias Madou 7 min read Tue, 14th Jan 2025
Mandiant reveals details of major Ivanti VPN vulnerability
Malware

Mandiant reveals details of major Ivanti VPN vulnerability

Mandiant unveils a critical zero-day vulnerability in Ivanti Connect Secure VPN appliances, exploited since December 2024 by a suspected China-linked group.

By Sean Mitchell 2 min read Fri, 10th Jan 2025
CVE-2025-0282: Ivanti Connect Secure zero-day exploited in the wild
Firewalls

CVE-2025-0282: Ivanti Connect Secure zero-day exploited in the wild

Ivanti has alerted users that the CVE-2025-0282 zero-day vulnerability in Connect Secure is being actively exploited, with patches now available.

By Caitlin Condon 2 min read Thu, 9th Jan 2025
Ivanti issues patch for critical security vulnerability
Advanced Persistent Threat Protection

Ivanti issues patch for critical security vulnerability

Ivanti has announced critical patches for two vulnerabilities in its Connect Secure and Policy Secure products, one of which is already under active exploitation.

By Sean Mitchell 2 min read Thu, 9th Jan 2025
Open source software challenges predicted to continue in 2025
Endpoint Protection

Open source software challenges predicted to continue in 2025

Chris Hughes predicts that open source software adoption will grow in 2025, alongside sophisticated attacks and challenges in governance and security.

By Catherine Knowles 3 min read Sun, 5th Jan 2025
CloudSEK report reveals surge in complex cyber threats
Firewalls

CloudSEK report reveals surge in complex cyber threats

CloudSEK's 2024 Threat Landscape Report reveals a staggering 994TB of data exfiltrated, with ransomware demands averaging over USD $2 million.

By Shannon Williams 3 min read Wed, 1st Jan 2025
2024 cyber threat landscape highlights key attack trends
Malware

2024 cyber threat landscape highlights key attack trends

Rapid7's analysis of the 2024 cyber threat landscape reveals alarming trends in ransomware and vulnerability exploits impacting organisations worldwide.

By Kaleah Salmon 3 min read Tue, 17th Dec 2024
December Patch Tuesday reveals 70 vulnerabilities
Ransomware

December Patch Tuesday reveals 70 vulnerabilities

This December, Microsoft addresses 70 vulnerabilities, including 16 critical remote code execution flaws, in its latest Patch Tuesday update.

By Adam Barnett 4 min read Wed, 11th Dec 2024