Microsoft’s stance on zero day exploits is a dumpster fire of their own making 2026-05-28 True Kevin Beaumont True Microsoft Vibing — capturing screenshots and voice samples without governance 2026-04-23 True Kevin Beaumont True Merry Christmas Day! Have a MongoDB security incident. 2025-12-26 True Kevin Beaumont True Cybersecurity industry overreacts to React vulnerability, starts panic, burns own house down again 2025-12-05 True Kevin Beaumont True Small numbers of Notepad++ users reporting security woes 2025-12-02 True Kevin Beaumont True What organisations can learn from the record breaking fine over Capita’s ransomware incident 2025-11-20 True Kevin Beaumont True Red Hat Consulting breach puts over 5000 high profile enterprise customers at risk — in detail 2025-10-06 True Kevin Beaumont True Citrix Netscaler backdoors — Part One — May 2025 activity against governments 2025-08-31 True Kevin Beaumont True Citrix forgot to tell you CVE-2025–6543 has been used as a zero day since May 2025 2025-08-28 True Kevin Beaumont True Colt Technology Services gets ransomware’d via SharePoint initial access— some learning points 2025-08-22 True Kevin Beaumont True Big Game Ransomware: the myths experts tell board members 2025-05-04 True Kevin Beaumont True DragonForce Ransomware Cartel attacks on UK high street retailers: walking in the front door 2025-05-02 True Kevin Beaumont True Microsoft’s patch for CVE-2025–21204 symlink vulnerability introduces another symlink vulnerability 2025-04-22 True Kevin Beaumont True Microsoft Recall on Copilot+ PC: testing the security and privacy implications 2025-04-21 True Kevin Beaumont True Oracle attempt to hide serious cybersecurity incident from customers in Oracle SaaS service 2025-03-31 True Kevin Beaumont True No, there isn’t a world ending Apache Camel vulnerability 2025-03-09 True Kevin Beaumont True Use one Virtual Machine to own them all — active exploitation of ESXicape 2025-03-05 True Kevin Beaumont True 2022 zero day was used to raid Fortigate firewall configs. Somebody just released them. 2025-01-16 True Kevin Beaumont True Handala attempts a supply chain hack via ReutOne 2024-12-27 True Kevin Beaumont True Burning Zero Days: FortiJump FortiManager vulnerability used by nation state in espionage via MSPs 2024-10-22 True Kevin Beaumont True EIW — ESET Israel Wiper — used in active attacks targeting Israeli orgs 2024-10-17 True Kevin Beaumont True Hacker group Handala Hack Team claim battery explosions linked to Israeli battery company. 2024-09-19 True Kevin Beaumont True Microsoft need to be transparent about customer impacting DDoS attacks 2024-07-30 True Kevin Beaumont True What I learned from the ‘Microsoft global IT outage’ 2024-07-22 True Kevin Beaumont True Snowflake at centre of world’s largest data breach 2024-06-02 True Kevin Beaumont True Recall: Stealing everything you’ve ever typed or viewed on your own Windows PC is now possible. 2024-05-31 True Kevin Beaumont True How 50% of telco Orange Spain’s traffic got hijacked — a weak password 2024-01-03 True Kevin Beaumont True Cyber Toufan goes Oprah mode, with free Linux system wipes of over 100 organisations 2023-12-28 True Kevin Beaumont True The ticking time bomb of Microsoft Exchange Server 2013 2023-12-22 True Kevin Beaumont True Tracking Russia’s NoName057[16] attempts to DDoS UK public services 2023-12-07 True Kevin Beaumont True What it means — CitrixBleed ransom group woes grow as over 60 credit unions, hospitals… 2023-12-03 True Kevin Beaumont True LockBit ransomware group assemble strike team to breach banks, law firms and governments. 2023-11-13 True Kevin Beaumont True Mass exploitation of CitrixBleed vulnerability, including a ransomware group 2023-10-27 True Kevin Beaumont True Starfield themed malware blasts off 2023-08-19 True Kevin Beaumont True UK Electoral Commission had an unpatched Microsoft Exchange Server vulnerability 2023-08-09 True Kevin Beaumont True MobileIrony backdoor allows complete takeover of mobile security product and endpoints. 2023-07-25 True Kevin Beaumont True 
