Security News, Assessments & Alerts

Security Issues, Vulnerabilities, Exploits & Government Alerts

Critical LangChain Core Vulnerability Exposes Secrets via Serialization Injection

Dec 26, 2025Ravie LakshmananAI Security / DevSecOps A critical security flaw has been disclosed in LangChain Core that could be exploited by an attacker to steal sensitive secrets and even influence large language model (LLM)…

Stealth Loaders, AI Chatbot Flaws AI Exploits, Docker Hack, and 15 More Stories

Dec 25, 2025Ravie LakshmananCybersecurity / Hacking News It’s getting harder to tell where normal tech ends and malicious intent begins. Attackers are no longer just breaking in — they’re blending in, hijacking everyday tools, trusted…

LastPass 2022 Breach Led to Years-Long Cryptocurrency Thefts, TRM Labs Finds

Dec 25, 2025Ravie LakshmananData Breach / Financial Crime The encrypted vault backups stolen from the 2022 LastPass data breach have enabled bad actors to take advantage of weak master passwords to crack them open and…

Fortinet Warns of Active Exploitation of FortiOS SSL VPN 2FA Bypass Vulnerability

Dec 25, 2025Ravie LakshmananVulnerability / Enterprise Security Fortinet on Wednesday said it observed “recent abuse” of a five-year-old security flaw in FortiOS SSL VPN in the wild under certain configurations. The vulnerability in question is…

CISA Flags Actively Exploited Digiever NVR Vulnerability Allowing Remote Code Execution

Dec 25, 2025Ravie LakshmananVulnerability / Endpoint Security The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added a security flaw impacting Digiever DS-2105 Pro network video recorders (NVRs) to its Known Exploited Vulnerabilities (KEV) catalog, citing…

New MacSync macOS Stealer Uses Signed App to Bypass Apple Gatekeeper

Dec 24, 2025Ravie LakshmananMalware / Endpoint Security Cybersecurity researchers have discovered a new variant of a macOS information stealer called MacSync that’s delivered by means of a digitally signed, notarized Swift application masquerading as a…

Nomani Investment Scam Surges 62% Using AI Deepfake Ads on Social Media

Dec 24, 2025Ravie LakshmananOnline Fraud / Artificial Intelligence The fraudulent investment scheme known as Nomani has witnessed an increase by 62%, according to data from ESET, as campaigns distributing the threat have also expanded beyond…

3 Ways to Protect Your Business in 2026

Dec 24, 2025The Hacker NewsPassword Management / Access Control Every year, cybercriminals find new ways to steal money and data from businesses. Breaching a business network, extracting sensitive data, and selling it on the dark…

SEC Files Charges Over Million Crypto Scam Using Fake AI-Themed Investment Tips

SEC Files Charges Over $14 Million Crypto Scam Using Fake AI-Themed Investment Tips

Dec 24, 2025Ravie LakshmananArtificial Intelligence / Cryptocurrency The U.S. Securities and Exchange Commission (SEC) has filed charges against multiple companies for their alleged involvement in an elaborate cryptocurrency scam that swindled more than $14 million…

Italy Fines Apple €98.6 Million Over ATT Rules Limiting App Store Competition

Dec 24, 2025Ravie LakshmananPrivacy / Antitrust Apple has been fined €98.6 million ($116 million) by Italy’s antitrust authority after finding that the company’s App Tracking Transparency (ATT) privacy framework restricted App Store competition. The Italian…

« Previous
1
…
5
6
7
8
9
…
430
Next »