Newely discovered AMD CPU flaw highlights the risk of running multiple VMs

A newly discovered vulnerability in AMD chips allows malicious actors to perform remote code execution (RCE) and privilege escalation in virtual machines. Cybersecurity researchers from the CISPA Helmholtz Center for Information Security in Germany detailed a vulnerability they named StackWarp, Read More …

Patch Tuesday – January 2026

Microsoft is publishing 114 vulnerabilities this January 2026 Patch Tuesday. Today’s menu includes just one vulnerability marked as exploited in the wild, as well as two vulnerabilities where Microsoft is aware of public disclosure. There are no critical remote code Read More …

Secure connectivity principles for Operational Technology (OT)

Operational technology (OT) environments – which have long been centred on safety, uptime, and operational continuity – are now more interconnected than ever. Driven by the need for increased efficiency, agility, and integration, these advancements offer significant operational benefits (such Read More …

CVE-2026-21858: Maximum-severity n8n flaw lets randos run your automation server

A maximum-severity bug in the popular automation platform n8n has left an estimated 100,000 servers wide open to complete takeover, courtesy of a flaw so bad it doesn’t even require logging in. The vulnerability, uncovered by researchers at security outfit Read More …

Business continuity isn’t keeping pace with cyber threats, warns Sedgwick CISO

Business continuity plans are lagging behind the speed and complexity of modern cyberattacks, according to Eric Schmitt (pictured), chief information security officer at Sedgwick. “In most cases, it is not,” Schmitt said, when asked whether current business continuity frameworks are Read More …

Threat landscape for industrial automation systems in Q3 2025

In Q3 2025, the percentage of ICS computers on which malicious objects were blocked decreased from the previous quarter by 0.4 pp to 20.1%. This is the lowest level for the observed period. Regionally, the percentage of ICS computers on which Read More …

Critical vulnerabilities in Fortinet CVE-2025-59718, CVE-2025-59719 exploited in the wild

A recently disclosed pair of vulnerabilities affecting Fortinet devices—CVE-2025-59718 and CVE-2025-59719—are drawing urgent attention after confirmation of their active exploitation in the wild. The vulnerabilities carry a critical CVSSv3 score and allow an unauthenticated remote attacker to bypass authentication using Read More …

NMFTA Releases 2026 Transportation Industry Cybersecurity Trends Report

The National Motor Freight Traffic Association, Inc. (NMFTA)™ announced the release of its 2026 Transportation Industry Cybersecurity Trends Report, the latest annual assessment of cyber threats, adversary tactics, and resilience trends shaping the future of freight and logistics in North Read More …

Multifunction Printer Security Concerns within the Enterprise Business Environment

Multifunction printers (MFPs) do far more than print. They scan, email, fax, store, and authenticate. That convenience comes with risk. Our latest report, Understanding Multifunction Printer (MFP) Security within the Enterprise Business Environment, from Rapid7’s Deral Heiland, Principal Security Researcher Read More …