Security Issues, Vulnerabilities, Exploits & Government Alerts
View CSAF 1. EXECUTIVE SUMMARY CVSS v3 8.2 ATTENTION: Exploitable remotely/low attack complexity Vendor: Festo Equipment: SBRD-Q/SBOC-Q/SBOI-Q Vulnerabilities: Incorrect Conversion between Numeric Types, Out-of-bounds Read, Reachable Assertion 2. RISK EVALUATION Successful exploitation of these vulnerabilities…
Sep 30, 2025The Hacker NewsArtificial Intelligence / Threat Detection The Problem: Legacy SOCs and Endless Alert Noise Every SOC leader knows the feeling: hundreds of alerts pouring in, dashboards lighting up like a slot machine,…
Sep 30, 2025Ravie LakshmananZero-Day / Vulnerability A newly patched security flaw impacting Broadcom VMware Tools and VMware Aria Operations has been exploited in the wild as a zero-day since mid-October 2024 by a threat actor…
Cybersecurity researchers have flagged a previously undocumented Android banking trojan called Datzbro that can conduct device takeover (DTO) attacks and perform fraudulent transactions by preying on the elderly. Dutch mobile security company ThreatFabric said it…
Sep 30, 2025The Hacker NewsArtificial Intelligence / Data Protection The world of enterprise technology is undergoing a dramatic shift. Gen-AI adoption is accelerating at an unprecedented pace, and SaaS vendors are embedding powerful LLMs directly…
A Chinese national has been convicted for her role in a fraudulent cryptocurrency scheme after law enforcement authorities in the U.K. confiscated £5.5 billion (about $7.39 billion) during a raid of her home in London.…
Sep 30, 2025Ravie LakshmananVulnerability / Linux The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Monday added a critical security flaw impacting the Sudo command-line utility for Linux and Unix-like operating systems to its Known…
Threat actors have been observed using seemingly legitimate artificial intelligence (AI) tools and software to sneakily slip malware for future attacks on organizations worldwide. According to Trend Micro, the campaign is using productivity or AI-enhanced…
Sep 29, 2025Ravie LakshmananCybersecurity / Hacking News Cybersecurity never stops—and neither do hackers. While you wrapped up last week, new attacks were already underway. From hidden software bugs to massive DDoS attacks and new ransomware…
WASHINGTON – Today, the Department of Homeland Security (DHS) and the Cybersecurity and Infrastructure Security Agency (CISA) announced the official beginning of Cybersecurity Awareness Month 2025. This national campaign, administered by CISA, will give partner…