Stay Updated with the Latest Tech News
Get ahead of the curve with the latest insights, trends, and analysis in the tech world.
Browse by Category
Fortinet Releases Patch for Critical SQL Injection Flaw in FortiWeb (CVE-2025-25257)
Fortinet has released fixes for a critical security flaw impacting FortiWeb that could enable an unauthenticated attacker to run arbitrary database commands on susceptible instances. Tracked as CVE-2025-25257, the vulnerability carries a CVSS score of 9.6 out of a maximum of 10.0. "An improper neutralization of special elements used in an SQL command ('SQL Injection') vulnerability [CWE-89] in
Published on: July 11, 2025 | Source:
Share on Facebook
Share in Tweet (rip twitter)
Share on LinkedIn
Share on Reddit
Share on Threads
Share on Bluesky
Virtru secures $50 million investment to advance data-centric security standards
Virtru's technology centers on the Trusted Data Format, an open standard that embeds security controls directly into data files rather than relying on traditional perimeter defenses. The post Virtru secures $50 million investment to advance data-centric security standards appeared first on CyberScoop.
Published on: July 11, 2025 | Source:Factoring Cybersecurity Into Finance's Digital Strategy
As financial institutions continue to embrace digital transformation, their success will depend on their ability to establish and maintain robust and responsible cybersecurity practices.
Published on: July 11, 2025 | Source:PerfektBlue Bluetooth Vulnerabilities Expose Millions of Vehicles to Remote Code Execution
Cybersecurity researchers have discovered a set of four security flaws in OpenSynergy's BlueSDK Bluetooth stack that, if successfully exploited, could allow remote code execution on millions of transport vehicles from different vendors. The vulnerabilities, dubbed PerfektBlue, can be fashioned together as an exploit chain to run arbitrary code on cars from at least three major automakers,
Published on: July 11, 2025 | Source:Cyberstarts Launches $300M Liquidity Fund to Help Startups Retain Top Talent
With IPOs taking longer than ever, the venture firmβs fund aims to keep startup veterans motivated while staying private. The post Cyberstarts Launches $300M Liquidity Fund to Help Startups Retain Top Talent appeared first on SecurityWeek.
Published on: July 11, 2025 | Source:Securing Data in the AI Era
The 2025 Data Risk Report: Enterprises face potentially serious data loss risks from AI-fueled tools. Adopting a unified, AI-driven approach to data security can help. As businesses increasingly rely on cloud-driven platforms and AI-powered tools to accelerate digital transformation, the stakes for safeguarding sensitive enterprise data have reached unprecedented levels. The Zscaler ThreatLabz
Published on: July 11, 2025 | Source:Critical Wing FTP Server Vulnerability (CVE-2025-47812) Actively Being Exploited in the Wild
A recently disclosed maximum-severity security flaw impacting the Wing FTP Server has come under active exploitation in the wild, according to Huntress. The vulnerability, tracked as CVE-2025-47812 (CVSS score: 10.0), is a case of improper handling of null ('\0') bytes in the server's web interface, which allows for remote code execution. It has been addressed in version 7.4.4. "The user and
Published on: July 11, 2025 | Source:Iranian-Backed Pay2Key Ransomware Resurfaces with 80% Profit Share for Cybercriminals
An Iranian-backed ransomware-as-a-service (RaaS) named Pay2Key has resurfaced in the wake of the Israel-Iran-U.S. conflict last month, offering bigger payouts to cybercriminals who launch attacks against Israel and the U.S. The financially motivated scheme, now operating under the moniker Pay2Key.I2P, is assessed to be linked to a hacking group tracked as Fox Kitten (aka Lemon Sandstorm). "
Published on: July 11, 2025 | Source:EU Unveils AI Code of Practice to Help Businesses Comply With Blocβs Rules
The EU code is voluntary and complements the EUβs AI Act, a comprehensive set of regulations that was approved last year and is taking effect in phases. The post EU Unveils AI Code of Practice to Help Businesses Comply With Blocβs Rules appeared first on SecurityWeek.
Published on: July 11, 2025 | Source:McDonaldβs Chatbot Recruitment Platform Exposed 64 Million Job Applications
Two vulnerabilities in an internal API allowed unauthorized access to contacts and chats, exposing the information of 64 million McDonaldβs applicants. The post McDonaldβs Chatbot Recruitment Platform Exposed 64 Million Job Applications appeared first on SecurityWeek.
Published on: July 11, 2025 | Source:Critical Wing FTP Server Vulnerability Exploited
Wing FTP Server vulnerability CVE-2025-47812 can be exploited for arbitrary command execution with root or system privileges. The post Critical Wing FTP Server Vulnerability Exploited appeared first on SecurityWeek.
Published on: July 11, 2025 | Source:TikTok Faces Fresh European Privacy Investigation Over China Data Transfers
The Irish Data Privacy Commission announced that TikTok is facing a new European Union privacy investigation into user data sent to China. The post TikTok Faces Fresh European Privacy Investigation Over China Data Transfers appeared first on SecurityWeek.
Published on: July 11, 2025 | Source:July 2025 Breaks a Decade of Monthly Android Patches
Since August 2015, Google has delivered a constant stream of monthly security patches for Android. Until July 2025. The post July 2025 Breaks a Decade of Monthly Android Patches appeared first on SecurityWeek.
Published on: July 11, 2025 | Source:Customer, Employee Data Exposed in Nippon Steel Breach
Information from the company's NS Solutions subsidiary has yet to show up on any Dark Web sites, but it doesn't rule out the possibility that the data may have been stolen.
Published on: July 11, 2025 | Source:Digital Fingerprints Test Privacy Concerns in 2025
Digital fingerprinting technology creates detailed user profiles by combining device data with location and demographics, which increases the risks of surveillance.
Published on: July 10, 2025 | Source:eSIM Bug in Millions of Phones Enables Spying, Takeover
eSIMs around the world may be fundamentally vulnerable to physical and network attacks because of a 6-year-old Oracle vulnerability in technology that underlies billions of cards.
Published on: July 10, 2025 | Source:Ingram Micro Up and Running After Ransomware Attack
Customers were the first to notice the disruption on the distributor's website when they couldn't place orders online.
Published on: July 10, 2025 | Source:Agentic AI's Risky MCP Backbone Opens Brand-New Attack Vectors
Critical security vulnerabilities affect different parts of the Model Context Protocol (MCP) ecosystem, which many organizations are rapidly adopting in order to integrate AI models with external data sources.
Published on: July 10, 2025 | Source:4 Arrested in UK Over M&S, Co-op, Harrods Hacks
The UK's National Crime Agency arrested four people, who some experts believe are connected to the notorious cybercriminal collective known as Scattered Spider.
Published on: July 10, 2025 | Source:UK Arrests Four in βScattered Spiderβ Ransom Group
Authorities in the United Kingdom this week arrested four alleged members of "Scattered Spider," a prolific data theft and extortion group whose recent victims include multiple airlinesand the U.K. retail chain Marks & Spencer.
Published on: July 10, 2025 | Source:Critical mcp-remote Vulnerability Enables Remote Code Execution, Impacting 437,000+ Downloads
Cybersecurity researchers have discovered a critical vulnerability in the open-source mcp-remote project that could result in the execution of arbitrary operating system (OS) commands. The vulnerability, tracked as CVE-2025-6514, carries a CVSS score of 9.6 out of 10.0. "The vulnerability allows attackers to trigger arbitrary OS command execution on the machine running mcp-remote when it
Published on: July 10, 2025 | Source:Fake Gaming and AI Firms Push Malware on Cryptocurrency Users via Telegram and Discord
Cryptocurrency users are the target of an ongoing social engineering campaign that employs fake startup companies to trick users into downloading malware that can drain digital assets from both Windows and macOS systems. "These malicious operations impersonate AI, gaming, and Web3 firms using spoofed social media accounts and project documentation hosted on legitimate platforms like Notion and
Published on: July 10, 2025 | Source:French police arrest Russian pro basketball player on behalf of US over ransomware suspicions
Daniil Kasatkin played briefly for Penn State University. Itβs the second European arrest on cyber allegations at the request of the United States to be revealed this week. The post French police arrest Russian pro basketball player on behalf of US over ransomware suspicions appeared first on CyberScoop.
Published on: July 10, 2025 | Source:eSIM Hack Allows for Cloning, SpyingΒ
Details have been disclosed for an eSIM hacking method that could impact many, but the industry is taking action. The post eSIM Hack Allows for Cloning, Spying appeared first on SecurityWeek.
Published on: July 10, 2025 | Source:UK arrests four for cyberattacks on major British retailers
The U.K.βs National Crime Agency claims the four were involved in attacks on Marks & Spencer. The cybersecurity industry attributed those attacks to Scattered Spider. The post UK arrests four for cyberattacks on major British retailers appeared first on CyberScoop.
Published on: July 10, 2025 | Source:Ingram Micro Restores Systems Impacted by Ransomware
Ingram Micro has restored operations across all countries and regions after disconnecting systems to contain a ransomware attack. The post Ingram Micro Restores Systems Impacted by Ransomware appeared first on SecurityWeek.
Published on: July 10, 2025 | Source:SIM Swap Fraud Is Surging β and That's a Good Thing
Now it's time to build systems that attackers can't reroute with a phone call.
Published on: July 10, 2025 | Source:Qantas Confirms 5.7 Million Impacted by Data Breach
Hackers compromised names, addresses, email address, phone numbers, and other information pertaining to Qantas customers. The post Qantas Confirms 5.7 Million Impacted by Data Breach appeared first on SecurityWeek.
Published on: July 10, 2025 | Source:Four Arrested in Β£440M Cyber Attack on Marks & Spencer, Co-op, and Harrods
The U.K. National Crime Agency (NCA) on Thursday announced that four people have been arrested in connection with cyber attacks targeting major retailers Marks & Spencer, Co-op, and Harrods. The arrested individuals include two men aged 19, a third aged 17, and a 20-year-old woman. They were apprehended in the West Midlands and London on suspicion of Computer Misuse Act offenses, blackmail,
Published on: July 10, 2025 | Source:Booz Allen Invests in Machine Identity Firm Corsha
βMachine identitiesβ, often used interchangeably with βnon-human identitiesβ (NHIs), have been increasing rapidly since the start of digital transformation. The post Booz Allen Invests in Machine Identity Firm Corsha appeared first on SecurityWeek.
Published on: July 10, 2025 | Source:Millions of Cars Exposed to Remote Hacking via PerfektBlue Attack
PCA Cyber Security has discovered critical vulnerabilities in the BlueSDK Bluetooth stack that could have allowed remote code execution on car systems. The post Millions of Cars Exposed to Remote Hacking via PerfektBlue Attack appeared first on SecurityWeek.
Published on: July 10, 2025 | Source:What Can Businesses Do About Ethical Dilemmas Posed by AI?
AI-made decisions are in many ways shaping and governing human lives. Companies have a moral, social, and fiduciary duty to responsibly lead its take-up. The post What Can Businesses Do About Ethical Dilemmas Posed by AI? appeared first on SecurityWeek.
Published on: July 10, 2025 | Source:What Security Leaders Need to Know About AI Governance for SaaS
Generative AI is not arriving with a bang, itβs slowly creeping into the software that companies already use on a daily basis. Whether it is video conferencing or CRM, vendors are scrambling to integrate AI copilots and assistants into their SaaS applications. Slack can now provide AI summaries of chat threads, Zoom can provide meeting summaries, and office suites such as Microsoft 365 contain
Published on: July 10, 2025 | Source:New ZuRu Malware Variant Targeting Developers via Trojanized Termius macOS App
Cybersecurity researchers have discovered new artifacts associated with an Apple macOS malware called ZuRu, which is known to propagate via trojanized versions of legitimate software. SentinelOne, in a new report shared with The Hacker News, said the malware has been observed masquerading as the crossβplatform SSH client and serverβmanagement tool Termius in late May 2025. "ZuRu malware
Published on: July 10, 2025 | Source:AMD Warns of New Transient Scheduler Attacks Impacting a Wide Range of CPUs
Semiconductor company AMD is warning of a new set of vulnerabilities affecting a broad range of chipsets that could lead to information disclosure. The flaws, collectively called Transient Scheduler Attacks (TSA), manifest in the form of a speculative side channel in its CPUs that leverage execution timing of instructions under specific microarchitectural conditions. "In some cases, an attacker
Published on: July 10, 2025 | Source: