Hello all, As if the growing menace of the React2Shell vulnerability undergoing massive ramp-up of active attack and exploitation wasn’t enough, this past week was Patch Tuesday for the likes of Adobe, Microsoft and SAP. But wait there was more!…
Hello all, What started out as a quiet week was rudely interrupted on Wednesday by a major vulnerability reveal in React Server Components. More on that in a moment. Headline NEWS: In Ransomware, Malware, and Vulnerabilities News: In Other News…
Hello all, You’d think that there’d be a bit less chaos a whole week after Patch Tuesday. Well, you’d be wrong. On Tuesday November 18, 2025, Cloudflare botched a routine update and took down major portions of their network and…
Hello all, This week had so many critical and high value vulnerabilities that it didn’t make sense to list them all in the headline news section, so make sure that you check out the full list of links to see…
Hello all, Last week I excoriated Amazon for their spectacular day-long failure. This past week, Microsoft decided it was their turn and because of a self-inflicted Domain Name System (DNS) issue, major portions of their network were inaccessible. At least…
Hello all, A popular axiom in computing circles is, “It’s always DNS.” On Monday it became painfully real for much of the internet as Amazon Web Services (AWS) US-East-1 zone fell victim to a Domain Name Service (DNS) issue and…
Hello all, This was not a good week for some of the major players in the industry. Microsoft had portions, if not their entire network, go down several times, Oracle E-Business suite came under attack, SonicWall’s recent breach got worse,…
Hello all, This past Saturday I attended BSides St. Petersburg, Florida, not Russia. This is a local convention, aka ‘con’, that draws around 500 cyber security minded people together to network, learn, and hear from some of the most dedicated…
Hello all, I knew it would be a busy week since it was Patch Tuesday, but I didn’t know it would be this busy. Hundreds of new vulnerabilities were reported that need evaluation, prioritization, and remediation. Some of the reveals…
Hello all, Hacker Summer Camp in Las Vegas has now concluded. There were quite a few new vulnerabilities and security gaps revealed, along with a nice quantity of new and interesting products. Expect that the next couple of weeks will…
Hello all, Most of last week was quiet with a steady rumble of Microsoft sourced phishing emails growing in popularity, and then toward the latter part of the week Arctic Wolf and Huntress warned about a concerning increase in successful…
Hello all, Last week I warned about a new zero-day in Microsoft SharePoint on-premises that had just become public knowledge. It escalated quickly, not necessarily with threat actor activity, but with news articles and cyber professionals everywhere urging action. With…