Passwordless MFA to Entra ID Joined Devices with Secret Double Octopus
Intro: The Problem with Passwords and Federated Entra ID In today’s hybrid enterprise environments, especially those using Entra ID (Azure AD) with federation via WS‑FED or . . .
🚨 Apple iOS 18.5 Zero-Day – Image Processing Vulnerability Actively Exploited
Overview Apple has released a critical update, iOS 18.5, to patch a severe image processing vulnerability that could allow attackers to compromise iPhones by sending . . .
Commvault Zero-Day CVE-2025-3928 Exploited in SaaS Campaign Targeting Microsoft 365 Backups
🚨 Commvault Zero-Day CVE-2025-3928 Exploited in SaaS Campaign Targeting Microsoft 365 Backups A critical zero-day vulnerability in Commvault’s web server software, identified as CVE-2025-3928, has . . .
🎯 Espionage via Output Messenger: CVE-2025-27920 Exploited by Marbled Dust
📌 Overview In a newly uncovered campaign, Microsoft Threat Intelligence has linked the advanced persistent threat (APT) group Marbled Dust to the exploitation of a . . .
🚨 AI Finds Medium Severity Bug in Linux Kernel SMB Server – CVE-2025-37899
Overview In a compelling example of AI-assisted vulnerability research, a security researcher has used OpenAI’s o3 model to discover a use-after-free vulnerability in the Linux . . .
Seven VMware Vulnerabilities Disclosed — What You Need to Know (CVE-2025-41225 to CVE-2025-41231)
Vulnerability Breakdown Exploitation Scenarios Recommendations Detection Queries Indicators of Compromise 🚨 Seven VMware Vulnerabilities Disclosed — What You Need to Know (CVE-2025-41225 to CVE-2025-41231) Broadcom’s . . .
Firefox Zero-Days Exploited CVE-2025-4918 & CVE-2025-4919
🚨 Firefox Zero-Days Exploited at Pwn2Own Berlin – What Happened? Mozilla has released urgent security updates addressing two critical zero-day vulnerabilities actively exploited in the . . .
Fortinet Zero-Day Alert: CVE-2025-32756 Exploited in the Wild
🚨 Fortinet Zero-Day Alert: CVE-2025-32756 Exploited in the Wild Fortinet has disclosed a critical zero-day vulnerability, CVE-2025-32756, affecting multiple products, including FortiVoice, FortiMail, FortiNDR, FortiRecorder, . . .
SAP NetWeaver Zero-Day: CVE-2025-31324 + 42999 Exploited
🚨 SAP NetWeaver Zero-Day Vulnerabilities: Active Exploitation and Indicators of Compromise SAP has disclosed two critical zero-day vulnerabilities in its NetWeaver platform: CVE-2025-31324 and CVE-2025-42999. . . .
Secret Double Octopus Server 6.6.2 Release Notes and Highlights
Welcome! Welcome to our blog! Today, we’re excited to discuss the recent release of Secret Double Octopus (SDO) Server version 6.6.2, launched on February 13, . . .