72 links tagged with all of: cybersecurity + vulnerabilities
Click any tag below to further narrow down your results
Links
Ivanti disclosed two critical vulnerabilities affecting its Endpoint Manager Mobile, which have already compromised several major organizations, including the Netherlands’ government and the European Commission. Researchers warn that attacks are spreading, with nearly 1,300 instances still exposed online. The vulnerabilities allow attackers to execute code remotely, raising concerns over ongoing exploitation.
OpenAI warns that its upcoming AI models may pose a "high" cybersecurity risk due to their enhanced capabilities. The company reports that these models could enable more people to execute cyberattacks, especially with their ability to operate autonomously for longer periods. OpenAI is increasing its efforts to address these threats through collaboration and new tools.
In 2025, an AI system identified four previously unknown security issues in OpenSSL, three of which were disclosed and fixed by the system. The findings highlight the potential of AI in proactively discovering vulnerabilities in critical infrastructure.
Portugal's revised cybercrime law creates a legal safe harbor for security researchers acting in good faith. Researchers can now engage in certain hacking activities without fear of prosecution, provided they meet specific conditions, such as reporting vulnerabilities promptly and not seeking financial gain.
The article discusses a benchmark report that highlights how Anthropic's Claude models excel in security compared to other large language models (LLMs). While most models struggle with vulnerabilities like jailbreaks and harmful content generation, Claude consistently demonstrates superior performance, indicating a significant gap in safety standards across the industry.
Two critical 0-day vulnerabilities in NetSupport Manager allow attackers to execute code remotely without authentication. This exploit can compromise industrial control systems, enabling lateral movement within networks. Organizations are urged to upgrade to the latest version to mitigate risks.
This article explains the differences between prompt injection and SQL injection, emphasizing that prompt injection poses unique risks in generative AI systems. It highlights the challenges in mitigating these vulnerabilities due to the lack of distinction between data and instructions in large language models.
Anthropic tested ten AI models on 405 smart contract exploits and found that they could replicate over half of them, generating $4.6 million in simulated attacks. The study highlights the speed at which AI can identify vulnerabilities, raising concerns about security in decentralized finance.
Mandiant has released rainbow tables that significantly simplify the process of cracking NTLMv1 passwords, allowing attackers to recover authentication keys in under 12 hours using consumer-grade hardware. The release transforms this previously theoretical vulnerability into a practical threat, requiring organizations to take immediate action to mitigate risks.
SolarWinds released patches for three critical vulnerabilities in its Serv-U file transfer solution. One flaw allows attackers with admin privileges to execute arbitrary code, posing significant risks to affected systems. The vulnerabilities are listed in the CISA's Known Exploited Vulnerabilities catalog.
Echo, a cybersecurity firm founded by Eilon Elhadad and Eylam Milner, raised $35 million in Series A funding to enhance its vulnerability management for container images. The company's solution aims to eliminate security issues from the base image layer, promising immediate reduction in vulnerability counts for clients.
Oligo Security has revealed an ongoing global hacking campaign, ShadowRay 2.0, where attackers exploit a flaw in the Ray AI framework to create a self-propagating botnet. The attackers, known as IronErn440, leverage AI-generated payloads to enhance their methods while competing with other criminal groups for resources. Over 230,000 Ray servers are currently exposed to this threat.
This article argues that AI integration in cybersecurity can create more vulnerabilities rather than enhance security. It highlights how hype around AI often overshadows the real risks, such as data leaks and poorly integrated systems, which can lead to significant security breaches.
Cydome has identified a new variant of the Mirai botnet, called Broadside, which exploits a vulnerability in TBK DVR devices used in maritime logistics. This variant not only conducts DDoS attacks but also attempts to harvest system credentials, posing a significant threat to shipping operations.
The article reports on 884 new Known Exploited Vulnerabilities (KEVs) identified in 2025, highlighting that nearly 29% were exploited on or before their CVE publication date. It emphasizes the rapid pace of exploitation and the need for organizations to prioritize timely remediation of both new and existing vulnerabilities.
Day Two of Pwn2Own Automotive 2026 featured intense competition among security researchers, resulting in 29 new exploits and $439,250 awarded. The event has now totaled 66 unique vulnerabilities and over $955,000 in prize money. Fuzzware.io leads the standings as the contest nears its final day.
Two vulnerabilities, named LookOut, discovered in Google Looker can lead to remote code execution and data exfiltration. Attackers with developer permissions can exploit these flaws to fully compromise Looker instances.
Arctic Wolf detected malicious SSO logins on FortiGate appliances linked to critical vulnerabilities CVE-2025-59718 and CVE-2025-59719. These vulnerabilities allow unauthenticated access via crafted SAML messages if the FortiCloud SSO feature is enabled. Administrators are urged to reset credentials, restrict access, and upgrade to the latest software versions.
AI models like Claude Sonnet 4.5 can now execute complex multi-stage attacks on networks using standard open-source tools, eliminating the need for custom toolkits. This advancement allows AIs to exploit known vulnerabilities quickly, emphasizing the urgent need for timely security updates.
Tenzai has introduced an AI-driven platform that conducts penetration testing to identify and fix vulnerabilities in enterprise software. Backed by $75 million in funding, the service aims to automate and scale the work of elite hackers, addressing the talent shortage in cybersecurity.
Novee has launched an AI-driven penetration testing service that continuously identifies and addresses security vulnerabilities. Unlike traditional methods, it simulates real attacks, providing specific remediation steps and adapting to changes in the environment. This approach aims to help organizations stay ahead of potential threats.
The article discusses experiments using Opus 4.5 and GPT-5.2 to generate exploits for a zero-day vulnerability in QuickJS. It concludes that the future of offensive cybersecurity may rely on token throughput rather than the number of human hackers, as LLMs prove effective in exploit development.
The article discusses the vulnerabilities identified in Q1 2025, highlighting a list of known exploited Common Vulnerabilities and Exposures (CVEs). It emphasizes the importance of timely updates and patches to mitigate risks associated with these vulnerabilities, as well as the significance of awareness in cybersecurity practices.
Major vulnerabilities known as Frostbyte10 have been discovered in Copeland controllers used in thousands of refrigeration systems at grocery chains, potentially allowing attackers to manipulate temperatures and disrupt supply chains. Armis identified ten critical flaws, prompting Copeland to issue firmware updates and CISA to urge immediate patching of affected systems. While no exploitation has been confirmed in the wild, the pervasive use of these controllers makes them a prime target for malicious actors.
Scammers are exploiting unsecured cellular routers from Milesight IoT to launch SMS phishing campaigns, known as smishing, that have been active since October 2023. Researchers found over 18,000 routers exposed online, with many allowing unauthorized access and running outdated firmware, making them an effective tool for decentralized phishing efforts targeting users in multiple countries.
Pwn2Own Berlin 2025 concluded with a total award of $1,078,750, surpassing the million-dollar mark. The STAR Labs SG team won the Master of Pwn title, earning $320,000, while various participants showcased their exploits across different platforms, including Windows 11 and NVIDIA technologies. Notably, 28 unique 0-day vulnerabilities were disclosed during the event.
Microsoft awarded $17 million to 344 security researchers in the past year through its bug bounty programs, marking the highest annual payout since the programs began in 2018. The total amount distributed across all years now reaches $92.5 million, with ongoing updates to enhance program coverage and align with emerging security challenges.
Apple has expanded its bug bounty program by doubling the maximum reward to $2 million for reporting zero-click remote compromise vulnerabilities, with potential payouts exceeding $5 million through bonuses. The program, which has awarded $35 million since its inception in 2020, also introduces new categories and increased rewards for various types of attacks, aiming to incentivize security researchers to report critical vulnerabilities. Additionally, Apple plans to distribute secured iPhone 17 devices to civil society organizations at risk of spyware attacks in 2026.
Two new zero-day vulnerabilities in Windows have been discovered and are currently being exploited by cybercriminals. The flaws could allow attackers to execute arbitrary code and gain elevated privileges on affected systems, prompting urgent calls for users to update their software and security measures.
The article discusses the importance of conducting risk assessments for generative AI technologies, highlighting potential threats and vulnerabilities associated with their deployment. It emphasizes the need for a structured approach to evaluate risks, ensuring organizations can leverage these technologies safely while mitigating possible downsides.
The article discusses an emergency directive issued by CISA in response to critical zero-day vulnerabilities discovered in Cisco products. It emphasizes the urgency for organizations to apply patches and mitigate risks associated with these vulnerabilities to enhance cybersecurity defenses.
State-sponsored hackers are increasingly exploiting vulnerabilities in critical infrastructure systems, particularly targeting sectors such as energy and transportation. These attacks are becoming more sophisticated and coordinated, posing significant risks to national security and public safety. Governments are urged to enhance their cybersecurity measures to mitigate these threats effectively.
Illumina has agreed to a $9.8 million settlement due to failing to incorporate adequate cybersecurity measures in its products, leading to vulnerabilities that could be exploited by remote attackers. This settlement arises from a lawsuit initiated by a former employee under the False Claims Act, with a portion of the funds allocated to the whistleblower.
Four critical vulnerabilities discovered at the Pwn2Own Berlin 2025 hacking competition have been patched in various VMware products, with hackers earning over $340,000 for their exploits. Broadcom, the parent company of VMware, confirmed that there is no evidence these flaws have been exploited in the wild.
The article discusses the evolution of malware, highlighting a new variant known as ClickFix that emerged from the notorious MonsterRat. It examines the techniques used by this malware to exploit vulnerabilities and the implications for cybersecurity.
Akirabot has been identified as a malicious bot that spammed approximately 80,000 websites, primarily by exploiting vulnerabilities in outdated content management systems. The attack highlights the ongoing threat of automated bots in the cybersecurity landscape and emphasizes the need for regular updates and security measures.
Two critical vulnerabilities in Cisco's Identity Services Engine (ISE) and ISE Passive Identity Connector (ISE-PIC) have been identified, allowing remote code execution without authentication. Cisco has released patches for these vulnerabilities, tracked as CVE-2025-20281 and CVE-2025-20282, and users are urged to apply them promptly.
Docker has launched unlimited access to its Hardened Images catalog, providing startups and small businesses with affordable, secure software bundles that are free from known vulnerabilities. The catalog features a wide range of images and includes a seven-day patch service level agreement to ensure timely updates. This initiative aims to enhance security in the container ecosystem by making highly secure images accessible to all users.
Understanding the difference between "vulnerable" and "exploitable" is crucial for enhancing security measures. A system may have vulnerabilities that are not exploitable due to various factors, such as lacking the necessary conditions or resources for an attack. Recognizing this distinction helps organizations prioritize their security efforts effectively.
Researchers at EdisonWatch have revealed that the new calendar integration feature in ChatGPT can be exploited to execute commands that may lead to the theft of sensitive emails. This type of attack, requiring user interaction, highlights ongoing vulnerabilities within AI systems and the risks associated with their integration into enterprise tools.
AMD has announced vulnerabilities related to a new side-channel attack known as the Transient Scheduler Attack (TSA) affecting various AMD processors. Although rated low to medium in severity, cybersecurity firms have classified the overall threat as critical due to the potential for information leakage, particularly concerning OS kernel data. Users are advised to apply patches to mitigate risks, as the attacks require local access to execute successfully.
Research reveals significant security flaws in the OPC UA protocol, commonly used in industrial settings. These vulnerabilities could allow attackers to exploit configurations, leading to severe disruptions in operational technology environments. Recommendations for patching and securing implementations are provided.
Trend Micro has identified significant flaws in Nvidia's patch for a critical vulnerability in the Nvidia Container Toolkit, warning that it does not fully mitigate risks associated with container escape attacks. The incomplete patch allows attackers to potentially execute arbitrary commands and access sensitive host data, posing serious security threats to enterprises using AI containers.
Security vulnerabilities in a carmaker's web portal allowed a hacker to remotely unlock vehicles from anywhere, raising serious concerns about the security of connected car technologies. The breach highlights the need for stronger cybersecurity measures in the automotive industry to protect consumer data and vehicle safety.
Iranian hackers have exploited vulnerabilities in over 100 embassies, compromising sensitive information and highlighting the need for enhanced cybersecurity measures in diplomatic institutions. The attacks leverage advanced techniques, indicating a sophisticated level of threat to global diplomatic operations.
A new startup focused on zero-day vulnerabilities is offering $20 million for tools that can successfully hack any smartphone. This initiative aims to attract skilled hackers to enhance cybersecurity solutions amidst increasing smartphone security challenges.
DaVita Inc. experienced a significant data breach on August 5, 2025, leading to a 14.13% drop in stock value and exposing vulnerabilities in their cybersecurity practices. The analysis reveals multiple failures in threat detection, patch management, and compliance, highlighting how the breach was largely preventable and underscoring the long-term risks to investor trust and regulatory compliance. The article also details the technical aspects of the breach and the potential financial repercussions for the company.
NIST has announced that all Common Vulnerabilities and Exposures (CVEs) published before January 1, 2018, will be classified as "deferred" in the National Vulnerability Database. This decision aims to prioritize the analysis of newer vulnerabilities while indicating that older ones still require attention from organizations for remediation.
CISA reported that hackers breached a U.S. federal agency by exploiting a critical unpatched vulnerability in GeoServer, leading to lateral movement within the agency's network and the installation of web shells. The attackers remained undetected for three weeks until their activities triggered alerts, prompting an investigation and response measures. CISA emphasizes the importance of timely patching and monitoring for security vulnerabilities.
Researchers from Forescout have identified that approximately 35,000 solar power systems are vulnerable to remote attacks due to being exposed to the internet. They discovered over 90 vulnerabilities in various solar products, with specific examples of exploited flaws in devices such as the SolarView Compact.
Researchers have discovered multiple zero-day vulnerabilities in HashiCorp Vault and CyberArk Conjur, critical secret management platforms used by many enterprises. These vulnerabilities could allow attackers to bypass authentication, gain root access, and execute remote code, posing significant security risks to organizations.
Google Project Zero has publicly disclosed vulnerabilities in software a week after reporting them to the respective vendors. This decision highlights the ongoing debate about the balance between transparency and responsible disclosure in the cybersecurity community. The vulnerabilities identified pose potential risks to users, emphasizing the importance of timely updates from software developers.
Team82 has revealed four vulnerabilities in Axis Communications' video surveillance products, which could allow attackers to execute remote code on both the Axis Device Manager and Axis Camera Station. The exploit chain targets the proprietary Axis.Remoting protocol, potentially exposing thousands of organizations to significant security risks. Axis Communications has responded promptly with patches to address these vulnerabilities.
Fortinet has alerted customers that threat actors are exploiting a technique to maintain read-only access to compromised FortiGate VPN devices, even after vulnerabilities have been patched. The attackers create symbolic links in the device's file system, allowing them to access sensitive information despite updates meant to address the initial breaches. A wave of these attacks has been reported since early 2023, prompting Fortinet and CERT-FR to advise affected users to take immediate action to secure their devices.
The article presents an in-depth report on cloud security risks, highlighting the increasing threats faced by businesses operating in cloud environments. It discusses the types of vulnerabilities and potential impacts on organizations, emphasizing the necessity for improved security measures and awareness to mitigate these risks.
The article discusses the vulnerabilities associated with AgentFlayer, a malware designed to exploit weaknesses in Android devices. It highlights the methods used by the malware to gain unauthorized access and the potential impact on users' data security. Recommendations for mitigating these risks are also provided.
Network security devices are increasingly exposing organizations to risks due to outdated vulnerabilities that date back to the 1990s. These flaws can lead to significant security breaches if not addressed, highlighting the urgent need for businesses to update their security infrastructure.
The FBI has issued a warning about the increased targeting of end-of-life devices by cyber threat actors, emphasizing the vulnerabilities these outdated technologies present. With many organizations still utilizing unsupported hardware and software, the risks of exploitation and security breaches are heightened. Organizations are urged to assess their systems and take necessary steps to mitigate potential threats.
Sonatype has identified a global espionage campaign targeting open-source ecosystems, revealing sophisticated tactics used by threat actors to infiltrate software supply chains. The findings highlight vulnerabilities within popular open-source libraries, emphasizing the need for enhanced security measures in software development practices.
The article discusses significant vulnerabilities found in the Yolink IoT gateway, which poses risks to home security systems. These vulnerabilities could potentially allow unauthorized access and control over connected devices, highlighting the need for better security measures in IoT products.
Hackers are compromising end-of-life SonicWall Secure Mobile Access appliances, exploiting leaked administrator credentials and potentially using a custom backdoor malware called Overstep. Google’s Threat Intelligence Group urges organizations to analyze their devices for signs of compromise, as many details about the attacks and vulnerabilities remain unclear.
HackerOne has disbursed $81 million in bug bounties over the past year, reflecting a 13% year-over-year increase. The demand for AI security has surged, with AI vulnerabilities rising by over 200%, while traditional vulnerabilities like XSS and SQL injection are declining. A significant number of researchers are now utilizing AI tools to enhance their security testing efforts.
The article discusses methods for exploiting vulnerabilities in Windows drivers, aimed at beginners interested in cybersecurity and hacking. It provides insights into the process of weaponizing these drivers to gain unauthorized access or control over systems. This serves as a foundational guide for those looking to understand the intricacies of driver manipulation in the context of malicious activities.
Over 266,000 F5 BIG-IP instances are exposed online, following a breach that allowed nation-state hackers to steal source code and information about security flaws. F5 has released patches for 44 vulnerabilities and urged users to update their systems, while CISA has mandated federal agencies to secure their F5 products by specific deadlines and disconnect unsupported devices.
Generative AI models, such as OpenAI's GPT-4, are enabling rapid development of exploit code from vulnerability disclosures, reducing the time from flaw announcement to proof-of-concept to mere hours. Security experts have observed a significant increase in the speed at which vulnerabilities are exploited, necessitating quicker responses from defenders in the cybersecurity landscape. This shift underscores the need for enterprises to be prepared for immediate action upon the release of new vulnerabilities.
Critical vulnerabilities in the BlueSDK Bluetooth stack could allow remote code execution on millions of vehicles, enabling hackers to gain access to car infotainment systems. The PerfektBlue attack can track locations, record audio, and potentially control vehicle functions by exploiting these flaws.
SANS offers a training demo for cybersecurity professionals that showcases practical, short modules and real-world labs designed to help developers identify and fix vulnerabilities without disrupting project timelines. The training aligns with industry standards and has been adopted by various organizations to enhance security, reduce rework, and meet compliance requirements.
The article provides a comprehensive security checklist for individuals and organizations to enhance their cybersecurity posture. It covers essential practices, tools, and strategies to mitigate risks and protect sensitive information effectively. Following this checklist can help users identify vulnerabilities and implement necessary security measures.
SystemBC is a proxy botnet that exploits vulnerable commercial virtual private servers (VPS) to maintain an average of 1,500 bots daily, facilitating high volumes of malicious traffic. With over 80 command-and-control servers, it has been utilized by various threat actors, including ransomware gangs, and is characterized by long infection lifetimes and numerous unpatched vulnerabilities in compromised systems. Researchers highlight that SystemBC's operations are designed for volume rather than stealth, making detection challenging for security efforts.
Silent smishing exploits vulnerable cellular router APIs to conduct phishing attacks via SMS, allowing attackers to access sensitive information without authentication. The article discusses various attack methods, including the impersonation of legitimate organizations, and emphasizes the need for vigilance against such threats.
GreyNoise has reported a significant 500% increase in scanning activities targeting Palo Alto Networks portals. This surge in scans is indicative of potential vulnerabilities being exploited, prompting organizations to strengthen their security measures against such threats.
The article discusses a security vulnerability found in the FIA's driver categorization website, allowing unauthorized access to administrative roles through a simple HTTP PUT request. The authors, who participated in a cybersecurity event related to Formula 1, demonstrated that they could escalate privileges and gain full admin access, potentially exposing sensitive information like driver profiles and personal data. This is the first part of a three-part series on vulnerabilities in Formula 1 systems.