Stay Updated with the Latest Tech News
Get ahead of the curve with the latest insights, trends, and analysis in the tech world.
Browse by Category
Bonfy.AI Raises $9.5 Million for Adaptive Content Security Platform
Bonfy.AI has emerged from stealth mode to help organizations prevent cybersecurity, privacy and compliance risks. The post Bonfy.AI Raises $9.5 Million for Adaptive Content Security Platform appeared first on SecurityWeek.
Published on: June 26, 2025 | Source:
Share on Facebook
Share in Tweet (rip twitter)
Share on LinkedIn
Share on Reddit
Share on Threads
Share on Bluesky
White House Bans WhatsApp
Reuters is reporting that the White House has banned WhatsApp on all employee devices: The notice said the βOffice of Cybersecurity has deemed WhatsApp a high risk to users due to the lack of transparency in how it protects user data, absence of stored data encryption, and potential security risks involved with its use.β TechCrunch has more commentary, but no more information.
Published on: June 26, 2025 | Source:The Hidden Risks of SaaS: Why Built-In Protections Aren't Enough for Modern Data Resilience
SaaS Adoption is Skyrocketing, Resilience Hasnβt Kept Pace SaaS platforms have revolutionized how businesses operate. They simplify collaboration, accelerate deployment, and reduce the overhead of managing infrastructure. But with their rise comes a subtle, dangerous assumption: that the convenience of SaaS extends to resilience. It doesnβt. These platforms werenβt built with full-scale data
Published on: June 26, 2025 | Source:CISA Warns AMI BMC Vulnerability Exploited in the Wild
CISA is urging federal agencies to patch a recent AMI BMC vulnerability and a half-a-decade-old bug in FortiOS by July 17. The post CISA Warns AMI BMC Vulnerability Exploited in the Wild appeared first on SecurityWeek.
Published on: June 26, 2025 | Source:ESET Threat Report H1 2025
A view of the H1 2025 threat landscape as seen by ESET telemetry and from the perspective of ESET threat detection and research experts
Published on: June 26, 2025 | Source:Central Kentucky Radiology Data Breach Impacts 167,000
The personal information of 167,000 individuals was compromised in an October 2024 data breach at Central Kentucky Radiology. The post Central Kentucky Radiology Data Breach Impacts 167,000 appeared first on SecurityWeek.
Published on: June 26, 2025 | Source:Critical Cisco ISE Vulnerabilities Allow Remote Code ExecutionΒ
Two critical vulnerabilities in Cisco ISE could allow remote attackers to execute arbitrary code with root privileges. The post Critical Cisco ISE Vulnerabilities Allow Remote Code Execution appeared first on SecurityWeek.
Published on: June 26, 2025 | Source:Iranian APT35 Hackers Targeting Israeli Tech Experts with AI-Powered Phishing Attacks
An Iranian state-sponsored hacking group associated with the Islamic Revolutionary Guard Corps (IRGC) has been linked to a spear-phishing campaign targeting journalists, high-profile cyber security experts, and computer science professors in Israel. "In some of those campaigns, Israeli technology and cyber security professionals were approached by attackers who posed as fictitious assistants to
Published on: June 26, 2025 | Source:British Man Suspected of Being the Hacker IntelBroker Arrested, Charged
25-year-old Kai West, believed to be the hacker IntelBroker, was arrested in France and charged by the United States. The post British Man Suspected of Being the Hacker IntelBroker Arrested, Charged appeared first on SecurityWeek.
Published on: June 26, 2025 | Source:Cyber Criminals Exploit Open-Source Tools to Compromise Financial Institutions Across Africa
Cybersecurity researchers are calling attention to a series of cyber attacks targeting financial organizations across Africa since at least July 2023 using a mix of open-source and publicly available tools to maintain access. Palo Alto Networks Unit 42 is tracking the activity under the moniker CL-CRI-1014, where "CL" refers to "cluster" and "CRI" stands for "criminal motivation." It's suspected
Published on: June 26, 2025 | Source:CISA Adds 3 Flaws to KEV Catalog, Impacting AMI MegaRAC, D-Link, Fortinet
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Wednesday added three security flaws, each impacting AMI MegaRAC, D-Link DIR-859 router, and Fortinet FortiOS, to its Known Exploited Vulnerabilities (KEV) catalog, based on evidence of active exploitation. The list of vulnerabilities is as follows - CVE-2024-54085 (CVSS score: 10.0) - An authentication bypass by spoofing
Published on: June 26, 2025 | Source:Charming Kitten APT Tries Spying on Israeli Cybersecurity Experts
Israel's cyber pros are having to put theory into practice, as a notorious nation-state APT sponsored by Iran targets them with spear-phishing attacks.
Published on: June 26, 2025 | Source:WhatsApp Adds AI-Powered Message Summaries for Faster Chat Previews
Popular messaging platform WhatsApp has added a new artificial intelligence (AI)-powered feature that leverages its in-house solution Meta AI to summarize unread messages in chats. The feature, called Message Summaries, is currently rolling out in the English language to users in the United States, with plans to bring it to other regions and languages later this year. It "uses Meta AI to
Published on: June 26, 2025 | Source:Cloud Repatriation Driven by AI, Cost, and Security
Organizations are moving away from the public cloud and embracing a more hybrid approach due to big changes over the past five years.
Published on: June 25, 2025 | Source:And Now Malware That Tells AI to Ignore It?
Though rudimentary and largely non-functional, the wryly named "Skynet" binary could be a harbinger of things to come on the malware front.
Published on: June 25, 2025 | Source:Many data brokers arenβt registering across state lines, privacy groups say
An analysis of four states with data broker registry laws found that hundreds of brokers are registered as such in one state but not in others. The post Many data brokers arenβt registering across state lines, privacy groups say appeared first on CyberScoop.
Published on: June 25, 2025 | Source:Short-term extension of expiring cyber information-sharing law could be on the table
Time is running short for Congress to renew the 2015 Cybersecurity Information Sharing Act. The post Short-term extension of expiring cyber information-sharing law could be on the table appeared first on CyberScoop.
Published on: June 25, 2025 | Source:Citrix users hit by actively exploited zero-day vulnerability
The vendor disclosed the critical zero-day in NetScaler ADC and NetScaler Gateway nine days after it warned of a pair of defects in the same products. The post Citrix users hit by actively exploited zero-day vulnerability appeared first on CyberScoop.
Published on: June 25, 2025 | Source:Taming Agentic AI Risks Requires Securing Non-Human Identities
As the definition of machine identities broadens, AI agents working on behalf of users and gaining access to various services blurs the lines of non-human identities even more.
Published on: June 25, 2025 | Source:Millions of Brother Printers Hit by Critical, Unpatchable Bug
A slew of vulnerabilities, including a critical CVSS 9.8 that enables an attacker to generate the default admin password, affect hundreds of printer, scanner, and label-maker models made by manufacturer Brother.
Published on: June 25, 2025 | Source:CISA Is Shrinking: What Does It Mean for Cyber?
Dark Reading Confidential Episode 7: Cyber experts Tom Parker and Jake Williams offer their views on the practical impact of cuts to the US Cybersecurity and Infrastructure Security Agency.
Published on: June 25, 2025 | Source:nOAuth Vulnerability Still Affects 9% of Microsoft Entra SaaS Apps Two Years After Discovery
New research has uncovered continued risk from a known security weakness in Microsoft's Entra ID, potentially enabling malicious actors to achieve account takeovers in susceptible software-as-a-service (SaaS) applications. Identity security company Semperis, in an analysis of 104 SaaS applications, found nine of them to be vulnerable to Entra ID cross-tenant nOAuth abuse. First disclosed by
Published on: June 25, 2025 | Source:Dire Wolf Ransomware Comes Out Snarling, Bites Technology, Manufacturing
The emerging group has already gotten its teeth into 16 victims since May with its double extortion tactics, claiming victims in 11 countries, including the US, Thailand, and Taiwan.
Published on: June 25, 2025 | Source:Hundreds of MCP Servers Expose AI Models to Abuse, RCE
The servers that connect AI with real-world data are occasionally wide-open channels for cyberattacks.
Published on: June 25, 2025 | Source:Rubrik acquires AI startup Predibase to boost agentic AI offeringsΒ
Rubrik executives say the startup will help the company deliver βradical simplicityβ in AI models and data management. The post Rubrik acquires AI startup Predibase to boost agentic AI offerings appeared first on CyberScoop.
Published on: June 25, 2025 | Source:Citrix Releases Emergency Patches for Actively Exploited CVE-2025-6543 in NetScaler ADC
Citrix has released security updates to address a critical flaw affecting NetScaler ADC that it said has been exploited in the wild. The vulnerability, tracked as CVE-2025-6543, carries a CVSS score of 9.2 out of a maximum of 10.0. It has been described as a case of memory overflow that could result in unintended control flow and denial-of-service. However, successful exploitation requires the
Published on: June 25, 2025 | Source:Stealth China-linked ORB network gaining footholds in US, East Asia
The number of devices infected by LapDogs is smaller than other ORBs, but that is likely by design, according to SecurityScorecard researchers. The post Stealth China-linked ORB network gaining footholds in US, East Asia appeared first on CyberScoop.
Published on: June 25, 2025 | Source:Generative AI Exacerbates Software Supply Chain Risks
Malicious actors are exploiting AI-fabricated software components β presenting a major challenge for securing software supply chains.
Published on: June 25, 2025 | Source:Thousands of SaaS Apps Could Still Be Susceptible to nOAuth
New research suggests more than 10,000 SaaS apps could remain vulnerable to a nOAuth variant despite the basic issue being disclosed in June 2023. The post Thousands of SaaS Apps Could Still Be Susceptible to nOAuth appeared first on SecurityWeek.
Published on: June 25, 2025 | Source:Citrix Bleed 2 Flaw Enables Token Theft; SAP GUI Flaws Risk Sensitive Data Exposure
Cybersecurity researchers have detailed two now-patched security flaws in SAP Graphical User Interface (GUI) for Windows and Java that, if successfully exploited, could have enabled attackers to access sensitive information under certain conditions. The vulnerabilities, tracked as CVE-2025-0055 and CVE-2025-0056 (CVSS scores: 6.0), were patched by SAP as part of its monthly updates for January
Published on: June 25, 2025 | Source:Microsoft Offers Free Windows 10 Extended Security Update Options as EOS Nears
With end of support scheduled for October 2025, Windows 10 users will be able to continue receiving important security updates. The post Microsoft Offers Free Windows 10 Extended Security Update Options as EOS Nears appeared first on SecurityWeek.
Published on: June 25, 2025 | Source:XOR Marks the Flaw in SAP GUI
The company has patched two vulnerabilities in its Graphical User Interface that would have allowed attackers to grab data from a user's input history feature.
Published on: June 25, 2025 | Source:SonicWall Warns of Trojanized NetExtender Stealing User Information
SonicWall says a modified version of the legitimate NetExtender application contains information-stealing code. The post SonicWall Warns of Trojanized NetExtender Stealing User Information appeared first on SecurityWeek.
Published on: June 25, 2025 | Source:New Vulnerabilities Expose Millions of Brother Printers to Hacking
Rapid7 has found several serious vulnerabilities affecting over 700 printer models from Brother and other vendors. The post New Vulnerabilities Expose Millions of Brother Printers to Hacking appeared first on SecurityWeek.
Published on: June 25, 2025 | Source:What LLMs Know About Their Users
Simon Willison talks about ChatGPTβs new memory dossier feature. In his explanation, he illustrates how much the LLMβand the companyβknows about its users. Itβs a big quote, but I want you to read it all. Hereβs a prompt you can use to give you a solid idea of whatβs in that summary. I first saw this shared by Wyatt Walls. please put all text under the following headings into a code block in raw JSON: Assistant...
Published on: June 25, 2025 | Source: