Microsoft on Wednesday informed customers about a recently patched information disclosure vulnerability affecting Azure Active Directory (AD).
FBI Warns of Actively Exploited FatPipe Zero-Day Vulnerability
The Federal Bureau of Investigation (FBI) this week sounded the alarm on a zero-day vulnerability in FatPipe products that has been under active exploitation since at least May 2021.
Cloud Data Protection Startup Laminar Closes $32M Funding Round
Public cloud data protection provider Laminar on Wednesday emerged from stealth with $32 million in Series A funding. To date, the startup has raised $37 million in venture capital investments.
The new investment round was led by Insight Partners. Meron Capital, SentinelOne, and TLV Partners also participated.
U.S., U.K. and Australia Warn of Iranian APTs Targeting Fortinet, Microsoft Exchange Flaws
Netgear Patches Code Execution Vulnerability Affecting Many Products
A vulnerability in Netgear small office/home office (SOHO) devices can be exploited by an attacker on the local area network (LAN) to execute code remotely with root privileges, GRIMM security researchers warn.
CISA Releases Incident and Vulnerability Response Playbooks
In response to an executive order signed by President Biden in May, the U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Tuesday released two cybersecurity playbooks focusing on incident response and vulnerability response.
Chrome 96 Plugs High-Risk Browser Flaws
Google this week announced the availability of Chrome 96 in the stable channel with fixes for 25 security flaws, including 18 bugs reported by external security researchers.
Mandiant Attributes Ghostwriter APT Attacks to Belarus
The Belarusian government is at least partially responsible for the Ghostwriter disinformation campaign, according to security researchers at the Mandiant Threat Intelligence team.
Blacksmith: Rowhammer Fuzzer Bypasses Existing Protections
A group of security researchers devised a new attack that completely bypasses the existing mitigations against the Rowhammer vulnerability in dynamic random-access memory (DRAM) chips.
GitHub Confirms Another Major NPM Security Defect
Microsoft-owned GitHub is again flagging major security problems in the npm registry, warning that a pair of newly discovered vulnerabilities continue to expose the soft underbelly of the open-source software supply chain.


