A second maximum-severity flaw in Kemp LoadMaster in two years shows why load balancers need the same patch discipline as public web servers.
News
- Ransomware via search results is now a documented attack route. A Bing search for IT software led to full network encryption in 44 hours. Here is why your download policy …
- StegoAd infected 2.6 million users through official browser stores using steganography to hide payloads in images. Here is what UK businesses should audit and lock down.
- Russian intelligence is stealing Signal backup recovery keys to read encrypted message histories, without breaking the encryption. Here’s what that means for how UK businesses use secure messaging.
- Adblock for YouTube has a dormant script injection capability that its owners could activate with one server change. Here is what it means for your organisation and what to do …
- Operation Endgame disrupted Amadey and StealC infrastructure on a significant scale. But with no arrests, the operators survive intact. Here is what that means for UK businesses building their security …
- Two members of Scattered Spider have pleaded guilty over the 2024 TfL breach. The techniques they used are low-tech and still active. Here is what organisations can do to make …
- Three ShapedPlugin Pro plugins served malware via official updates for three weeks. Updating the plugin is not enough — here is what site owners need to do.
- The Squidbleed vulnerability in Squid Proxy leaks HTTP credentials from heap memory in every default installation. Here is how to check whether you are affected and what to do while …
- The Gravity SMTP vulnerability (CVE-2026-4020) is being exploited at mass scale. But the real issue is structural: email plugins holding API keys create a risk that one permission bug can …