Double Pulsar
Red Hat Consulting breach puts over 5000 high profile enterprise customers at risk — in detail
The Elephant in The Biz: outsourcing of critical IT and cybersecurity functions risks UK economic…
Citrix Netscaler backdoors — Part One — May 2025 activity against governments
Citrix forgot to tell you CVE-2025–6543 has been used as a zero day since May 2025
Colt Technology Services gets ransomware’d via SharePoint initial access— some learning points
CitrixBleed 2 situation update — everybody already got owned
CitrixBleed 2 exploitation started mid-June — how to spot it
CitrixBleed 2: Electric Boogaloo — CVE-2025–5777
Big Game Ransomware: the myths experts tell board members
DragonForce Ransomware Cartel attacks on UK high street retailers: walking in the front door
Microsoft’s patch for CVE-2025–21204 symlink vulnerability introduces another symlink vulnerability
Microsoft Recall on Copilot+ PC: testing the security and privacy implications
Oracle attempt to hide serious cybersecurity incident from customers in Oracle SaaS service
No, there isn’t a world ending Apache Camel vulnerability
Use one Virtual Machine to own them all — active exploitation of ESXicape
2022 zero day was used to raid Fortigate firewall configs. Somebody just released them.
Handala attempts a supply chain hack via ReutOne
Burning Zero Days: FortiJump FortiManager vulnerability used by nation state in espionage via MSPs
EIW — ESET Israel Wiper — used in active attacks targeting Israeli orgs
Cybersecurity from the trenches, written by Kevin Beaumont. Opinions are of the author alone, not their employer. - Medium