Jul 31, 2025Ravie LakshmananVulnerability / Website Security Threat actors are actively exploiting a critical security flaw in “Alone – Charity Multipurpose Non-profit WordPress Theme” to take over susceptible sites. The vulnerability, tracked as CVE-2025-5394, carries…
Hackers who breached U.S. insurance giant Allianz Life earlier this month stole reams of customer Social Security numbers, according to notifications filed with several U.S. states and seen by TechCrunch. Allianz Life disclosed the July…
Jul 30, 2025Ravie LakshmananCryptocurrency / Browser Security Cybersecurity researchers are calling attention to an ongoing campaign that distributes fake cryptocurrency trading apps to deploy a compiled V8 JavaScript (JSC) malware called JSCEAL that can capture…
Jul 30, 2025Ravie LakshmananEncryption / Ransomware Cybersecurity experts have released a decryptor for a ransomware strain called FunkSec, allowing victims to recover access to their files for free. “Because the ransomware is now considered dead,…
Jul 30, 2025Ravie LakshmananFirmware Security / Vulnerability Cybersecurity researchers have disclosed now-patched critical security flaws in the firmware of Dahua smart cameras that, if left unaddressed, could allow attackers to hijack control of susceptible devices.…
Jul 30, 2025Ravie LakshmananEndpoint Security / Cyber Espionage Chinese companies linked to the state-sponsored hacking group known as Silk Typhoon (aka Hafnium) have been identified as behind over a dozen technology patents, shedding light on…
In this article, we will provide a brief overview of Pillar Security’s platform to better understand how they are tackling AI security challenges. Pillar Security is building a platform to cover the entire software development…
Jul 30, 2025Ravie LakshmananVulnerability / Zero-Day Apple on Tuesday released security updates for its entire software portfolio, including a fix for a vulnerability that Google said was exploited as a zero-day in the Chrome web…
Jul 30, 2025Ravie LakshmananDevice Security / AI Security Google has announced that it’s making a security feature called Device Bound Session Credentials (DBSC) in open beta to ensure that users are safeguarded against session cookie…
Jul 30, 2025Ravie LakshmananVulnerability / Threat Intelligence Threat actors have been observed exploiting a now-patched critical SAP NetWeaver flaw to deliver the Auto-Color backdoor in an attack targeting a U.S.-based chemicals company in April 2025.…