Content Paint
Search
Sign in
Membership

cybersecurity

Security  | Jan 25, 2024
Next for The Bear: Hacking HPE inboxes
HPE emails hacked

"Cozy Bear" gained unauthorized access to HPE’s cloud-based email environment

vulnerabilities  | Jan 24, 2024
Exploit released for fresh Fortra GoAnywhere bug: CVSS 9.8 and again, nasty. Patch up.
New Fortra GoAnywhere vulnerability CVE-2024-0204

A 10-line exploit is now widely available. Unpatched instances *will* come under attack.

Security  | Jan 23, 2024
Europe's controversial cyber resilience law gets a rewrite -- now not as terrible as it was
Europe's controversial cyber resilience law gets a rewrite -- now not as terrible as it was

A rewritten EU cyber resiliency act removes the biggest threats to open source but much standards work still to be done, says Linux Foundation Europe

Security  | Jan 21, 2024
Russian group hacks emails of Microsoft’s “senior leadership” and cybersecurity staff
Russian group hacks emails of Microsoft’s “senior leadership” and cybersecurity staff

"We will act immediately to apply our current security standards to Microsoft-owned legacy systems and internal business processes..."

Security  | Jan 16, 2024
Ivanti VPN appliance exploitation now happening at scale
Ivanti VPN appliance exploitation now happening at scale

VPN appliances "all appear to have been constructed with the code equivalent of string, stamped with the word ‘secure’ and then just left to decay for 20 years..."

 |  Security  | Jan 15, 2024
OpenAI, TikTok, X hunt insider threat specialists -- on widely diverging salary bands
insider threat risks

"In every insider threat case, there is a combination of network activity and employee behaviour. The malicious activity crosses both physical and electronic modalities..."

Security  | Jan 10, 2024
Pre-auth RCE zero days in Ivanti VPNs are being exploited by a Chinese APT and there won’t be a patch for weeks. Buckle up.
Pre-auth RCE zero days in Ivanti VPNs are being exploited by a Chinese APT and there won’t be a patch for weeks. Buckle up.

Attackers re-write JavaScript loaded by the VPN login page for the Appliance to capture credentials; also grabbed Veeam credentials, moved laterally for full SYSTEM control.

Security  | Jan 08, 2024
Software licensing bug percolates pre-auth RCE risk downstream to PLC-land
Software licensing bug percolates pre-auth RCE risk downstream to PLC-land

Another arguably more potent example and one actively exploited in the wild is CVE-2023-46604 – a CVSS 10 RCE vulnerability in Apache ActiveMQ; an open source message broker written in Java.

Security  | Jan 05, 2024
The Big Interview: Rubrik CEO Bipul Sinha on going from no running water, to running a $500m business
The Big Interview: Rubrik CEO Bipul Sinha on going from no running water, to running a $500m business

On Magic Quadrants, deal size, changing approaches to cyber-resilience and learning from his father.

Interviews, insight, intelligence, and exclusive events for digital leaders.

© 2026 The Stack
©  2026 The Stack

Search the site
Your link has expired. Please request a new one.
Your link has expired. Please request a new one.
Your link has expired. Please request a new one.
Great! You've successfully signed up.
Great! You've successfully signed up.
Welcome back! You've successfully signed in.
Success! You now have access to additional content.