Hello all, This week’s headliners have a threepeat from Cisco and Fortinet. For three weeks in a row, they’ve managed to top the list of actively exploited items needing fixes. Way to go? And there’s lots more from plenty of others. So, let’s get to it. Headline NEWS: In Ransomware, Malware,…
Hello all, Another week, another Cisco headline about a zero-day, which was then eclipsed, by Fortinet with multiple products needing immediate patching due to critical defects. And of course, there’s Microsoft and the cadre of vendors that published fixes and updates on Patch Tuesday. There’s a lot to report on. Headline…
Hello all, Cisco had a bad week, first with an actively exploited flaw in ISE, and then a switch and router boot loop due to a DNS bug . CISA went nostalgic on us and alerted to a PowerPoint flaw from 2009 for some reason. And a host of other vendors…
Hello all, Welcome to 2026. So far it has been relatively quiet, unless you’re using a specific brand of Chinese network equipment, or SmarterMail. Otherwise, it has been a steady stream of new malware, exploits, and breaches to start the new year. We’ve got news to get to, so onward. Headline…
Hello all, Christmas has passed, and the New Year is just around the corner. Based on what I’ve seen, It seems that threat actors and pen testers may have taken a bit of time off. There was significantly less news of vulnerabilities and exploits to report on this week. And even…
Hello all, For those of you in the Northern Hemisphere, Winter starts tomorrow! And it is also the shortest day of the year. Now if your system clocks rely on the National Institute of Standards (NIST) timeservers located in Boulder, Colorado, then your day is 4.8 microseconds longer than the rest…
Hello all, As if the growing menace of the React2Shell vulnerability undergoing massive ramp-up of active attack and exploitation wasn’t enough, this past week was Patch Tuesday for the likes of Adobe, Microsoft and SAP. But wait there was more! Apple, Apache, Fortinet, Google, Ivanti and WatchGuard all had items come…
Hello all, What started out as a quiet week was rudely interrupted on Wednesday by a major vulnerability reveal in React Server Components. More on that in a moment. Headline NEWS: In Ransomware, Malware, and Vulnerabilities News: In Other News Events of Note and Interest: Musings: The amount of AI agentic…
Hello all, To my United States’ audience, welcome back after a long and hopefully uneventful weekend. I pray that it was good and restful. To all of us, welcome to December. The past week seemed to be a bit quieter, thankfully. However, there was still plenty of news to report on…
Hello all, You’d think that there’d be a bit less chaos a whole week after Patch Tuesday. Well, you’d be wrong. On Tuesday November 18, 2025, Cloudflare botched a routine update and took down major portions of their network and as a result a large swath of the internet. One of…
Hello all, This week had so many critical and high value vulnerabilities that it didn’t make sense to list them all in the headline news section, so make sure that you check out the full list of links to see if something that you support is impacted. Microsoft patched 63 defects,…
Hello All, I’ve been on vacation this week and away from the studio, so this video is going to be quite different from the usual report. Here are some notable items from last week to be aware of. And there’s lots more at the full listing of links below. Make sure…