Voice-based phishing was at the root of multiple attack sprees Mandiant responded to last year, reflecting a concerning shift in tactics.

Cisco’s response to the latest SD-WAN and firewall defects has been fast, but the harder question is how long sophisticated actors had a head start — and…

Researchers said attackers linked to Russia’s military intelligence agency have moved from vulnerability exploits to focus on poorly configured network edge devices to keep its access to…

About 20 organizations have been impacted and the pace of attacks is rising. Threat researchers and SonicWall are scrambling to determine the root cause.

The Departments of Energy, Homeland Security and Health and Human Services have been impacted.

The software defects, which have a maximum-severity rating, do not require authentication and allow remote attackers to execute code arbitrarily on the underlying system.

Linen Typhoon, Violet Typhoon and Storm-2603 are behind the initial attack spree that erupted over the weekend. Other threat groups are now following suit.

The number of Citrix customers impacted by CVE-2025-5777 remains unknown, but researchers have already observed more than 11.5 million attack attempts, targeting thousands of sites.

Application Attack Matrix is a community effort designed to help defenders and organizations better understand and define how attackers use and exploit weaknesses in applications.

French authorities said government agencies and businesses spanning telecom, media, finance and transportation were impacted by the widely exploited Ivanti vulnerabilities.