Confirmed5 d agoReputable
There are security gaps in Trend Micro Apex One and Langflow that cybercriminals are actively attacking. CISA warns about this.
Developing5 d agoMedia
The Zero Trust Security Framework becomes the central guideline for modern IT security. Clear principles and an actionable implementation plan are crucial. An online workshop provides practical approaches. (Golem career world, server applications)
Developing5 d agoMedia
The GTA 6 manufacturer states sales expectations, and investors react immediately: According to the new business figures, Take-Two shares are increasing significantly. (GTA 6, Red Dead Redemption)
Official source5 d agoReputable
Confirmed5 d agoReputable
For months, there have been hardly credible allegations circulating in the USA that WhatsApp can view completely encrypted content. Now Texas is filing a lawsuit.
Confirmed5 d agoReputable
Canadian authorities on Wednesday arrested a 23-year-old Ottawa man on suspicion of building and operating Kimwolf, a fast spreading Internet-of-Things botnet that enslaved millions of devices for use in a series of massive distributed denial-of-service (DDoS) attacks over the past six months. KrebsOnSecurity publicly named the suspect in February 2026 after the accused launched a volley of DDoS, doxing and swatting campaigns against this author and a security researcher. He now faces criminal h
Confirmed5 d agoReputable
Three firms will pay nearly $1 million for selling “Active Listening” technology that they claimed tapped people’s phones for advertising. The FTC alleges the “tech” was just pricey email lists.
Confirmed5 d agoReputable
Anyone who inserts text into AI chatbots often unintentionally passes on sensitive data. A new Chrome extension from DFKI is intended to prevent this.
Developing5 d agoMedia
Samsung has averted an 18-day strike. In return, around 125,000 employees will receive a one-time bonus payment of an enormous amount. (Samsung, economy)
Developing5 d agoMedia
First VPN promised hackers complete anonymity for their cyberattacks. But Europol said it was able to notify the service’s users that they have now been identified.
Developing5 d agoMedia
Google has accidentally leaked details about an unfixed issue in Chromium that keeps JavaScript running in the background even when the browser is closed, allowing remote code execution on the device. [...]
Confirmed5 d agoReputable
Cloudflare now integrates with the Claude Compliance API, so that security teams can monitor Claude Enterprise activity directly in the Cloudflare Dashboard.
Developing5 d agoMedia
Vodafone's new head of technology explains why 5G Advanced is being brought to the mobile network, but the company is hesitant about Docsis 4.0. By Achim Sawall (Vodafone, cable network)
Developing5 d agoMedia
Only for the second time: Amazon is selling the 256 GB Lexar Play Pro MicroSD Express card for Switch 2 again for less than 51 euros. (storage media, Amazon)
Confirmed5 d agoReputable
Unit 42 analyzes npm supply chain evolution post-Shai Hulud. Discover wormable malware, CI/CD persistence, multi-stage attacks and more. The post The npm Threat Landscape: Attack Surface and Mitigations (Updated May 21) appeared first on Unit 42.
Developing5 d agoMedia
Apple revealed that it blocked over $11 billion in fraudulent App Store transactions over the last six years, more than $2.2 billion in potentially fraudulent App Store transactions in 2025 alone. [...]
Developing5 d agoMedia
Modern crypto drainers don't hack wallets. They trick users into approving malicious transactions. Flare explores how the Lucifer DaaS platform scales wallet theft through phishing and automation. [...]
Developing5 d agoMedia
A Chinese cyber-espionage campaign has been targeting telecommunications providers with newly discovered Linux and Windows malware dubbed Showboat and JFMBackdoor, respectively. [...]
Developing5 d agoMedia
Cisco has released security updates to address a maximum-severity vulnerability in Secure Workload that allows attackers to gain Site Admin privileges. [...]
Developing5 d agoMedia
A virtual private network service called 'First VPN,' used in ransomware and data theft attacks, has been taken offline in a joint international law enforcement operation. [...]
Developing5 d agoMedia
Insufficient validation and authentication in the Secure Workload’s REST APIs provide remote attackers with Site Admin privileges. The post Cisco Patches Critical Vulnerability in Secure Workload appeared first on SecurityWeek.
Official source5 d agoOfficial
View CSAF Summary Hitachi Energy is aware of the vulnerability, CVE-2022-4304 in the OSS component OpenSSL, that affects the GMS600 versions that are listed below. An attacker successfully exploiting this vulnerability could send trial messages to the server and record the time taken to process them. After a sufficiently large number of messages the attacker could recover the pre-master secret used for the original connection and thus be able to decrypt the application data sent over that connec
Official source5 d agoOfficial
View CSAF Summary An update is available that resolves a vulnerability identified by B&Rs internal security analysis in the product versions listed as affected in this advisory. An attacker who successfully exploited these vulnerabilities could take over a remote session or execute code in the context of the user’s browser session. The following versions of ABB B&R Automation Runtime are affected: Automation Runtime <6.4, 6.4 (CVE-2025-3449, CVE-2025-3448, CVE-2025-11498) CVSS Vendor Equipment V
Official source5 d agoOfficial
View CSAF Summary ABB became aware of vulnerability in the product versions listed as affected in the advisory. An update is now available that addresses and remediates the vulnerability. A network attacker could exploit the vulnerabilities to execute remote code, initiate DoS attacks, conduct DNS cache poisoning, or extract sensitive information. The following versions of ABB B&R PCs are affected: APC4100 <1.09, 1.09 (CVE-2023-45229, CVE-2023-45230, CVE-2023-45231, CVE-2023-45232, CVE-2023-4523
Official source5 d agoOfficial
View CSAF Summary ABB is aware of vulnerabilities in the product versions listed as affected in the advisory. An attacker who successfully exploited this vulnerability could cause the pollution of heap memory which potentially takes remote control of the product and performs a write operation to the flash memory to alter the firmware behavior. The following versions of ABB Terra AC Wallbox are affected: Terra AC wallbox (JP) <=1.8.33, 1.8.36 (CVE-2025-10504, CVE-2025-12142, CVE-2025-12143) CVSS
Official source5 d agoOfficial
View CSAF Summary ABB became aware of vulnerability in the product versions listed as affected in the advisory. An update is available that replaces an outdated third-party component. Although no successful exploitation was observed during testing of the affected B&R products, the identified vulnerabilities could present potential attack vectors that might enable unauthorized access, data exposure, or remote code execution. The following versions of ABB B&R Automation Studio are affected: B&R Au
Developing5 d agoMedia
The company has developed a platform that uses specialized AI agents to inspect every incoming message. The post Ocean Emerges From Stealth With $28M for Agentic Email Security Platform appeared first on SecurityWeek.
Developing5 d agoMedia
The loophole allows spammers and scammers to send emails from a legitimate Microsoft email address typically used for sending genuine account alerts.
Developing6 d agoMedia
The company blocked over 1.1 billion accounts and $2.2 billion in potentially fraudulent transactions. The post Apple Rejected 2 Million App Store Submissions in 2025 for Security and Fraud Prevention appeared first on SecurityWeek.
Confirmed6 d agoReputable
The Flipper One is not intended to be a mere successor to the successful gadget, but rather a versatile mobile companion. The community should help develop.