Aggregator
CVE-2025-3345 | codeprojects Online Restaurant Management System 1.0 /admin/combo.php del sql injection
CVE-2025-29087 | SQLite up to 3.49.0 concat integer overflow (Nessus ID 234212)
CVE-2025-4115 | Netgear JWNR2000v2 1.0.0.11 default_version_is_new host buffer overflow
CVE-2025-4116 | Netgear JWNR2000v2 1.0.0.11 get_cur_lang_ver host buffer overflow
CVE-2025-4117 | Netgear JWNR2000v2 1.0.0.11 sub_41A914 host buffer overflow
Cato Networks macOS Client Vulnerability Enables Low-Privilege Code Execution
A critical vulnerability in Cato Networks’ widely used macOS VPN client has been disclosed, enabling attackers with limited access to gain full control over affected systems. Tracked as ZDI-25-252 (CVE pending), the flaw highlights mounting risks for enterprises relying on remote-access tools in hybrid work environments. Security firm Zero Day Initiative (ZDI) uncovered the bug, which carries […]
The post Cato Networks macOS Client Vulnerability Enables Low-Privilege Code Execution appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.
TheWizards Deploy ‘Spellbinder Hacking Tool’ for Global Adversary-in-the-Middle Attack
ESET researchers have uncovered sophisticated attack techniques employed by a China-aligned threat actor dubbed “TheWizards,” which has been actively targeting entities across Asia and the Middle East since 2022. The group employs a custom lateral movement tool called Spellbinder that performs adversary-in-the-middle (AitM) attacks using IPv6 SLAAC spoofing, allowing attackers to redirect legitimate software updates […]
The post TheWizards Deploy ‘Spellbinder Hacking Tool’ for Global Adversary-in-the-Middle Attack appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.
RidgeSphere streamlines security validation operations
Ridge Security announced RidgeSphere, a centralized management platform designed to simplify the orchestration of multiple RidgeBot, the AI-powered automated security validation platform, across client environments. Built for Managed Security Service Providers (MSSPs) and large enterprises, RidgeSphere eliminates operational silos, accelerates service delivery, and unlocks new revenue opportunities through unified security validation.
The challenge: Scaling offensive security
As demand for proactive threat exposure management grows, MSSPs and enterprises face mounting complexity: Manual processes for deploying …
The post RidgeSphere streamlines security validation operations appeared first on Help Net Security.
Phishing via the Microsoft OAuth Authorization Flow
CVE-2025-32432: Critical Craft CMS Vulnerability Exploited in Zero-Day Attacks, Leading to Remote Code Execution
Photos: RSAC 2025
RSAC 2025 Conference is taking place at the Moscone Center in San Francisco. Help Net Security is on-site, and this gallery takes you inside the event. The featured vendors are: PowerDMARC, Skyhawk Security, ThreatLocker, Stellar Cyber, Center for Internet Security, PlexTrac, ISC2, Bitdefender, SentinelOne, and SailPoint.
The post Photos: RSAC 2025 appeared first on Help Net Security.
UK Retailer Co-op Confirms Hack, Reports "Small Impact" to Its Systems
Meet Doug McLaughlin: HYPR’s New SVP of Worldwide Sales
Doug: Timing is everything. It's the one thing you can't manufacture in this industry. You’re either too early, too late, or you catch the market exactly when it's ready. Right now, the timing for HYPR Affirm couldn't be better.
The post Meet Doug McLaughlin: HYPR’s New SVP of Worldwide Sales appeared first on Security Boulevard.
AirPlay-enabled devices open to attack via “AirBorne” vulnerabilities
Vulnerabilities in Apple’s AirPlay Protocol, AirPlay Software Development Kits (SDKs), and the CarPlay Communication Plug-in could allow attackers to compromise AirPlay-enabled devices developed and sold by Apple and by other companies. “Because AirPlay is a fundamental piece of software for Apple devices (Mac, iPhone, iPad, AppleTV, etc.) as well as third-party devices that leverage the AirPlay SDK, this class of vulnerabilities could have far-reaching impacts,” Oligo Security researchers noted.
“AirBorne” vulnerabilities
These so-called “AirBorne” flaws …
The post AirPlay-enabled devices open to attack via “AirBorne” vulnerabilities appeared first on Help Net Security.