Hackers exploited CVE-2025-64328, a FreePBX command injection vulnerability, to infect hundreds of instances with web shells.

Over 900 FreePBX systems remain infected after CVE-2025-64328 exploitation, now listed in CISA KEV amid active attacks.

CISA adds VMware Aria Operations command injection flaw CVE-2026-22719 to KEV after reports of active exploitation; patches ...

Shell is committing $666 million to ethanol producer Raizen to help address Raizen's financial pressures. The company is also open to a potential restructuring of Raizen's core operations with partner ...

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added a VMware Aria Operations vulnerability tracked as CVE-2026-22719 to its Known Exploited Vulnerabilities catalog, flagging the ...

Safe coding is a collection of software design practices and patterns that allow for cost-effectively achieving a high degree ...

Executive Overview The pace and sophistication of cyber threats continue to accelerate. Over the past seven days alone, multiple high-impact campaigns have targeted enterprise recovery systems, ...

AI agents now operate across enterprise systems, creating new risk via prompt injection, plugins, and persistent memory. Here’s how to adapt security.

IntroductionIn December 2025, Zscaler ThreatLabz discovered a campaign linked to APT37 (also known as ScarCruft, Ruby Sleet, and Velvet Chollima), which is a DPRK-backed threat group. In this campaign ...

Security researchers disclose critical vulnerabilities in Anthropic’s Claude Code that allow remote code execution and credential theft.

After months of real-world testing of AI copilots, chat interfaces, and AI-generated apps, Terra Security releases a new module for continuous AI Penetration Testing to match AI development velocity ...