Content Paint
Search
Sign in
Membership

cybersecurity

mícrosoft  | Jun 18, 2023
A triple barrage of mystery DDoS attacks knocked Microsoft services including Azure, Intune offline
Microsoft DDoS attacks hit Azure and likely Outlook but Redmond's coy with the details

Back in 2021 Microsoft boasted of shielding a customer from a 2.4 Tbps DDoS attack originating from 70,000 sources. It has not shared such detail on this successful incident that it its services...

MOVEit  | Jun 16, 2023
As victim count mounts, a critical new MOVEit bug emerges - with US federal agencies compromised
new MOVEit vulnerability and federal agencies hacked

Hackers "often breach the Department’s defensive perimeter and roam freely within our information systems"

 |  cybersecurity  | Jun 15, 2023
A third of Barracuda zero day victims are gov't agencies
A third of Barracuda zero day victims are gov't agencies

Attackers demonstrated such sophisticated persistence capabilities that Barracuda and Mandiant have urged users to dump affected appliances irrespective of patch level.

registry  | Jun 14, 2023
Hackers could have taken over every single .ai domain
Hackers could have taken over every single .ai domain

"It is clear that the internet is so, so brittle" and possibly held together with duct tape

Security  | Jun 13, 2023
VMware zero day used to hack defence, tech companies
VMware zero day used to hack defence, tech companies

The threat group has also used a wide range of attacker scripts to get vpxuser credentials, enumerate ESXi hosts and their guest VMs, and manipulate connected ESXi host firewall rules in order to steal data.

Fortinet  | Jun 12, 2023
MFA is no protection against this critical new Fortinet vulnerability, CVE-2023-27997
MFA is no protection against this critical new Fortinet vulnerability, CVE-2023-27997

"It is a pre-auth RCE [and] has been proven to be exploitable in a consistent manner; we found it during a Red Team engagement and have exploited it remotely..."

data breaches  | Jun 05, 2023
BBC, BA suffer data breaches in wake of MOVEit attacks
BBC, BA suffer data breaches in wake of MOVEit attacks

The Stack is seeing exposed instances associated with scores of high profile blue chips

cybersecurity  | Jun 05, 2023
There’s yet another CVSS 10, sandbox escape vulnerability in this widely used software library
There’s yet another CVSS 10, sandbox escape vulnerability in this widely used software library

23 million downloads last month. Four CVSS 10 vulnerabilities reported within weeks. Public exploits shared...

News  | Jun 05, 2023
UPDATED: File transfer software under active attack. Banks, gov't hit as CVE, new IOCs released
UPDATED: File transfer software under active attack. Banks, gov't hit as CVE, new IOCs released

Admins should urgently modify firewall rules to deny HTTP and HTTPs traffic to MOVEit Transfer on ports 80 and 443. (Also, can we start fuzzing for SQL Injection properly, please?)

Interviews, insight, intelligence, and exclusive events for digital leaders.

© 2026 The Stack
©  2026 The Stack

Search the site
Your link has expired. Please request a new one.
Your link has expired. Please request a new one.
Your link has expired. Please request a new one.
Great! You've successfully signed up.
Great! You've successfully signed up.
Welcome back! You've successfully signed in.
Success! You now have access to additional content.