data breach

AkiraBot Targets 420,000 Sites with OpenAI-Generated Spam, Bypassing CAPTCHA Protections

Apr 10, 2025Ravie LakshmananWebsite Security / Cybercrime Cybersecurity researchers have disclosed details of an artificial intelligence (AI) powered platform called AkiraBot that’s used to spam website chats, comment sections, and contact forms to promote dubious…

Lovable AI Found Most Vulnerable to VibeScamming — Enabling Anyone to Build Live Scam Pages

Lovable, a generative artificial intelligence (AI) powered platform that allows for creating full-stack web applications using text-based prompts, has been found to be the most susceptible to jailbreak attacks, allowing novice and aspiring cybercrooks to…

New TCESB Malware Found in Active Attacks Exploiting ESET Security Scanner

Apr 09, 2025Ravie LakshmananWindows Security / Vulnerability A Chinese-affiliated threat actor known for its cyber-attacks in Asia has been observed exploiting a security flaw in security software from ESET to deliver a previously undocumented malware…

Explosive Growth of Non-Human Identities Creating Massive Security Blind Spots

Apr 09, 2025The Hacker NewsSecrets Management / DevOps GitGuardian’s State of Secrets Sprawl report for 2025 reveals the alarming scale of secrets exposure in modern software environments. Driving this is the rapid growth of non-human…

PipeMagic Trojan Exploits Windows Zero-Day Vulnerability to Deploy Ransomware

Apr 09, 2025Ravie LakshmananVulnerability / Ransomware Microsoft has revealed that a now-patched security flaw impacting the Windows Common Log File System (CLFS) was exploited as a zero-day in ransomware attacks aimed at a small number…

CISA Warns of CentreStack’s Hard-Coded MachineKey Vulnerability Enabling RCE Attacks

Apr 09, 2025Ravie LakshmananApplication Security / Vulnerability The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Tuesday added a critical security flaw impacting Gladinet CentreStack to its Known Exploited Vulnerabilities (KEV) catalog, citing evidence of…

Microsoft Patches 126 Flaws Including Actively Exploited Windows CLFS Vulnerability

Apr 09, 2025Ravie LakshmananEndpoint Security / Vulnerability Microsoft has released security fixes to address a massive set of 126 flaws affecting its software products, including one vulnerability that it said has been actively exploited in…

Adobe Patches 11 Critical ColdFusion Flaws Amid 30 Total Vulnerabilities Discovered

Apr 09, 2025Ravie LakshmananSoftware Security / Vulnerability Adobe has released security updates to fix a fresh set of security flaws, including multiple critical-severity bugs in ColdFusion versions 2025, 2023 and 2021 that could result in arbitrary…

Fortinet Urges FortiSwitch Upgrades to Patch Critical Admin Password Change Flaw

Apr 08, 2025Ravie LakshmananNetwork Security / Vulnerability Fortinet has released security updates to address a critical security flaw impacting FortiSwitch that could permit an attacker to make unauthorized password changes. The vulnerability, tracked as CVE-2024-48887,…

Amazon EC2 SSM Agent Flaw Patched After Privilege Escalation via Path Traversal

Apr 08, 2025Ravie LakshmananCloud Security / Vulnerability Cybersecurity researchers have disclosed details of a now-patched security flaw in the Amazon EC2 Simple Systems Manager (SSM) Agent that, if successfully exploited, could permit an attacker to…

« Previous
1
…
149
150
151
152
153
…
380
Next »