Login Subscribe

7secure Coverage

Articles

Search and filter the broader reporting stream across incidents, AI security, policy, and operational coverage.

Vulnerabilities & Exploits

Critical SolarWinds Web Help Desk Flaw Actively Exploited, Remote Code Execution Possible

Critical SolarWinds Web Help Desk Flaw Actively Exploited, Remote Code Execution Possible

A remote code execution vulnerability (CVE‑2024‑XXXX) has been discovered in SolarWinds Web Help Desk and is now being leveraged by threat actors in the wild. The flaw resides in the application’s API endpoint, allowing unauthenticated attackers to inject malicious payloads that execute arbitrary code on the underlying

Vulnerabilities & Exploits

Amaranth‑Dragon Weaponizes CVE‑2025‑8088 in Southeast Asian Espionage Surge

Amaranth‑Dragon Weaponizes CVE‑2025‑8088 in Southeast Asian Espionage Surge

Check Point researchers have traced a new wave of activity to the Amaranth‑Dragon threat group, a known offshoot of APT‑41. The actors are exploiting the freshly disclosed CVE‑2025‑8088 flaw in a widely deployed enterprise software suite to gain initial footholds across government agencies and private‑sector

Vulnerabilities & Exploits

CrowdStrike Tops Gartner Peer Insights as Preferred ASPM Tool for Defenders

CrowdStrike Tops Gartner Peer Insights as Preferred ASPM Tool for Defenders

CrowdStrike was named a Customers’ Choice in the 2026 Gartner Peer Insights Voice of the Customer report for Application Security Posture Management (ASPM) solutions. The award reflects strong user feedback that the platform excels at surfacing and ranking vulnerabilities based on real‑world exploitability, delivering comprehensive asset visibility, and correlating

Application security tools surge 🚀 while APT espionage intensifies in Asia 🐉.

Application security tools surge 🚀 while APT espionage intensifies in Asia 🐉.

Good morning, here is your daily cybersecurity and AI threat intelligence roundup for February 4, 2026. Today's headlines * CrowdStrike earns Gartner Peer Insights Customers' Choice for ASPM. * Amaranth‑Dragon exploits CVE‑2025‑8088 in Southeast Asian espionage campaigns. * A critical vulnerability in SolarWinds Web Help Desk is

Vulnerabilities & Exploits

Amaranth‑Dragon Exploits WinRAR CVE‑2025‑8088 for Southeast Asian Espionage

Amaranth‑Dragon Exploits WinRAR CVE‑2025‑8088 for Southeast Asian Espionage

A China‑linked threat group identified as Amaranth‑Dragon is leveraging the recent WinRAR vulnerability (CVE‑2025‑8088) to distribute malicious RAR archives. The crafted archives execute a payload that gains elevated execution rights and establishes persistence on compromised systems. The campaign targets organizations across Southeast Asia, using the flaw

vDefend Brings Real‑Time Zero‑Trust Lateral Defense to VMware Private Cloud

vDefend Brings Real‑Time Zero‑Trust Lateral Defense to VMware Private Cloud

VMware announced vDefend, a new security layer that extends zero‑trust principles to workloads running in private clouds. The solution continuously monitors inter‑VM traffic, applying behavioral analytics to spot deviations that indicate malicious lateral movement. When an anomaly is detected, vDefend automatically triggers micro‑segmentation policies to quarantine the

Vulnerabilities & Exploits

Inside the Mind Games Powering Modern Phishing Attacks

Inside the Mind Games Powering Modern Phishing Attacks

Unit42’s latest investigation dissects how threat actors weaponize basic human instincts—authority, urgency, and social proof—to drive phishing success. By impersonating senior executives, exploiting time‑sensitive crises like supply‑chain disruptions, and mimicking trusted colleagues, attackers create believable narratives that compel recipients to click malicious links or disclose

Threat Intelligence

Ransomware‑as‑a‑Service, APT Supply‑Chain Resurgence, and AI Phishing Surge

Ransomware‑as‑a‑Service, APT Supply‑Chain Resurgence, and AI Phishing Surge

Check Point’s February 2 threat‑intel briefing highlights three converging trends. Ransomware‑as‑a‑Service (RaaS) operations have jumped by over 30 % month‑over‑month, with new affiliate kits offering automated encryption, double‑extortion, and “ransomware‑only” extortion models. At the same time, previously quiet supply‑chain focused APT