- CVE-2025-0108 PAN-OS: Authentication Bypass in the Management Web Interface (Severity: HIGH)
- CVE-2025-0111 PAN-OS: Authenticated File Read Vulnerability in the Management Web Interface (Severity: HIGH)
- CVE-2025-0109 PAN-OS: Unauthenticated File Deletion Vulnerability on the Management Web Interface (Severity: MEDIUM)
- CVE-2025-0110 PAN-OS OpenConfig Plugin: Command Injection Vulnerability in OpenConfig Plugin (Severity: HIGH)
- Healthcare security lapses keep piling up
- SANS Stormcast Friday Feb 21st: Kibana Queries; Mongoose Injection; U-Boot Flaws; Unifi Protect Camera Vulnerabilities; Protecting Network Devices as Endpoint (Austin Clark @sans_edu)
- CVE-2024-5921 GlobalProtect App: Insufficient Certificate Validation Leads to Privilege Escalation (Severity: MEDIUM)
- SecTopRAT bundled in Chrome installer distributed via Google Ads
- Google Docs used by infostealer ACRStealer as part of attack
- DeepSeek found to be sharing user data with TikTok parent company ByteDance
- SANS Stormcast Wednesday Feb 20th: XWorm Cocktail; Quantum Computing Breakthrough; Signal Phishing
- Protected: zQA Content Editing Styles
- Malwarebytes introduces native ARM support for Windows devices
- Macs targeted by infostealers in new era of cyberthreats
- SANS Stormcast Tuesday Feb 19th: ModelScan AI Model Security; OpenSSH Vuln; Juniper Patches; Dell BIOS Vulnerability
