The National Institute of Standards and Technology (NIST) scaled back the number of CVEs it selects for in-depth analysis, but the move has produced mixed results, according to researchers.
0
NIST Enrichment Reductions Impact CVE Coverage, Accuracy
Thứ Ba, 30 tháng 6, 2026
Việt Nam Hacker
0
Vulnerabilities Expose Private Data in Indian Government Systems
Thứ Hai, 29 tháng 6, 2026
Việt Nam Hacker
One critical vulnerability, among many discovered by a researcher, could have allowed anyone to walk in and take over a national government portal.
0
Iran, Russia, China Target Water Systems for Sabotage
Việt Nam Hacker
Nation-state attackers breach water systems through weak passwords, exposed PLCs, and poor segmentation — not sophisticated malware.
0
Amazon Q VS Extension Flaw Leads to Cloud Credential Theft
Việt Nam Hacker
Adversaries could plant a malicious repository that can execute arbitrary code and steal cloud credentials by exploiting the vulnerability, which showcases growing MCP risk.
0
Third-Party Breaches Teach Education Sector a Costly Lesson in Vendor Risk
Thứ Bảy, 27 tháng 6, 2026
Việt Nam Hacker
Rising threats from third-party actors are forcing institutions to play defense to protect student data from ransomware and other attacks.
0
New Initiative Tackles Security for End-of-Life Open Source Software
Thứ Sáu, 26 tháng 6, 2026
Việt Nam Hacker
The Open Source Sustainability Initiative's goal is to help enterprises manage and secure aging open source projects while maintaining regulatory compliance.
0
AI Decline? Confidence in Autonomous Penetration Testing Falls
Việt Nam Hacker
Companies are still experimenting with automated AI systems to find security weaknesses, but fewer are relying on the technology.
0
Cisco Adds NHI to Security Stack With Astrix, WideField Acquisitions
Việt Nam Hacker
Cisco joins a growing list of security platform providers who are betting that securing the agentic workforce means turning identity into the primary control plane.
0
In Less Than 24 Hours, Attackers Weaponize Cisco CUCM Flaw
Thứ Năm, 25 tháng 6, 2026
Việt Nam Hacker
The flaw enables server-side request forgery (SSRF) and escalates privileges to root, impacting Cisco Unified CM and Unified CM SME deployments.
0
EdTech Attackers Shift From Schools to Their Software Suppliers
Việt Nam Hacker
Educational institutions, the edtech companies they rely on, and, more concerningly, the challenges they pose for schools are the focus of the latest Reporters' Notebook video series.
0
Local Police Collusion Hampers Crackdown on Asian Scam Centers
Việt Nam Hacker
With tens of billions of dollars flowing into regional economies from cybercrime, scam centers continue to flourish, despite international and law-enforcement efforts.
0
Attackers Hit Cisco SD-WAN Flaw 2 Months Before Disclosure
Thứ Tư, 24 tháng 6, 2026
Việt Nam Hacker
Researchers believe rogue peering was used to connect to the victim's SD-WAN devices to gain admin privileges and root-level access.
0
Do CISOs Need a Code of Ethics?
Việt Nam Hacker
Kickbacks, no-show jobs, "dirty" VCs, and shelf ware — industry expert Robert "RSnake" Hansen explains why he thinks its time for a CISO code of ethics to ensure cybersecurity bosses aren't engaged in self-dealing that could risk enterprise, and even national, security.
0
More Malicious OpenClaw Skills Threaten AI Supply Chain
Việt Nam Hacker
OpenClaw removed five packages from ClawHub, its skills marketplace, that bypassed security checks even though they included infostealers and other threats.
0
Apple's MacOS Gap Lets Users Disable Security Tools
Việt Nam Hacker
Attackers can exploit the issue to disable security and integrated browser tools without needing administrator privileges or kernel exploits.
0
Scope of Salesforce Attacks Expands as Icarus Leaks Data
Thứ Ba, 23 tháng 6, 2026
Việt Nam Hacker
More victims have emerged after attackers breached application vendor Klue and used its OAuth tokens to steal customers' Salesforce data.
0
'Cordyceps': Mushrooming Malicious Pull Requests Threaten Developer Workflows
Việt Nam Hacker
The CI/CD workflow weakness affects Microsoft's Azure Sentinel, Google's AI Agent Development Kit, Apache's Doris analytics database, Cloudflare's Workers SDK, and Python Software Foundation's Black.
0
SocGholish Takedown Highlights Malicious TDS Threats
Việt Nam Hacker
SocGholish uses traffic distribution systems (TDSs) to provide initial access into victims' networks for cybercrime groups such as the notorious Evil Corp.
0
He Thought He Was Secure; His Phone Number Got Stolen Anyway
Việt Nam Hacker
Threat actors can easily steal one-time passwords sent by text when they conduct a SIM swap attack. This can lead to account takeovers, so users must layer up their security measures.
0
DifyTap Bugs Let Attackers 'Wiretap' AI Chat Histories
Việt Nam Hacker
Four vulnerabilities allow attackers to exploit Dify, a platform for AI application building and management, to silently access and exfiltrate sensitive data.
0
Crypto Heist Fueled by Elaborate Fake Reputation-Boosting Campaign
Thứ Hai, 22 tháng 6, 2026
Việt Nam Hacker
Attackers are using multiple online channels — including GitHub, YouTube, and VirusTotal — to build an illusion of trust to spread a cross-platform clipboard hijacker.
0
Novo Nordisk Breach Exposes Software Development Pipeline Risk
Thứ Năm, 18 tháng 6, 2026
Việt Nam Hacker
A leaked GitHub token underscores what most organizations get wrong: Treating secrets management as a tooling problem rather than an identity problem.
0
Operation Escaneo Signals Shift in LatAm Threat Landscape
Việt Nam Hacker
The threat group's curious business model may combine opportunistic monetization alongside intel collection, without much coordination between the two.
0
FIFA Bug Exposed World Cup Streams to Remote Takeover
Việt Nam Hacker
A hacker could have "Rickrolled" the World Cup — or worse — thanks to FIFA's unenforced Entra access controls.
0
Salesforce Data Thefts Continue via Klue App Compromise
Việt Nam Hacker
Klue's Battlecards is now the third integrated application that has been compromised to steal customers' Salesforce data, and victims include Huntress, the cybersecurity vendor.
0
Get Out of Security Debt by Tackling the Exposure Problem
Việt Nam Hacker
Teams digging out of security debt need to answer only two simple questions: Which vulnerabilities in our systems are exposed, and how long should they stay that way?
0
EU Gets a Head Start in Developing 6G Network Security
Việt Nam Hacker
"Shield-6G" will combine AI threat detection, digital twins, honeypots, and more, to help carriers protect 6G networks against the threats of tomorrow.
0
INC Ransomware Thrives by Mastering the Basics
Thứ Tư, 17 tháng 6, 2026
Việt Nam Hacker
And one of those basics is focusing on sectors where a ransomware disruption creates immediate pressure to pay up, like with healthcare.
0
Security Community Slams US Ban on Exporting Mythos, Fable
Thứ Ba, 16 tháng 6, 2026
Việt Nam Hacker
An open letter signed by dozens of security experts asked the government to reverse export restrictions on Anthropic's Claude Fable 5 and Mythos 5 models.
0
HTTP/2 Bomb Attacks Put Telcos, Healthcare Orgs at Risk
Việt Nam Hacker
The denial-of-service (DoS) exploit takes advantage of two features in HTTP/2 that were designed to save Internet bandwith, not power massive amplification attacks.
0
Rokarolla Android Trojan Levels Up to Full Device Control, Persistence
Việt Nam Hacker
The emerging malware, spread via fake TikTok and Chrome downloads, demonstrates an evolution by combining banking fraud with extensive device surveillance and remote control.
0
'Lorem Ipsum' Malware Pivots to ClickFix Delivery
Việt Nam Hacker
New analysis shows the campaign, which uses compromised WordPress sites, may be linked to the ransomware and data extortion group Vice Society.
0
Copilot 'SearchLeak' Attack Allows 1-Click Data Theft
Thứ Hai, 15 tháng 6, 2026
Việt Nam Hacker
The critical, three-stage attack is now patched, but it's part of a new group of AI prompt-injection issues that use hidden URLs and other variables.
0
Most CISOs Report Pressure to Bury Bad Security News
Việt Nam Hacker
Executive leaders may not be saying it aloud, but business objectives and priorities don't always promote timely disclosures.
0
The Beginning of the End of Social Engineering
Việt Nam Hacker
AI-native operating systems are shifting the responsibility to stay vigilant against social engineering cyberattacks from the user onto the system itself.
0
US Cracks Down on Anthropic AI Models Amid Abuse Concerns
Việt Nam Hacker
Anthropic abruptly suspended all access to Fable 5 and Mythos 5 after receiving an export control directive that banned foreign nationals from using the AI models.
0
ShinyHunters Uses Oracle Zero-Day to Rampage Higher Ed
Thứ Sáu, 12 tháng 6, 2026
Việt Nam Hacker
A major bug in Oracle's ERP software disproportionately affected American universities, and hackers have capitalized by stealing gobs of data.
0
Claude Fable 5 Doesn't Change the Mythos Security Story
Việt Nam Hacker
Stay cool: Mythos 5 is an upgrade over Mythos Preview while Fable 5 is Mythos "made safe for general use," Anthropic explained.
0
Max-Severity Ivanti Flaw Exploited 24 Hours After Disclosure
Thứ Năm, 11 tháng 6, 2026
Việt Nam Hacker
Initial methods suggest attackers had likely mapped out Ivanti's asset landscape upfront and acted quickly once the exploit became public.
0
Chinese, N. Korean Threat Groups Build on Asia-Pacific Success
Thứ Tư, 10 tháng 6, 2026
Việt Nam Hacker
North Korea's gross domestic product (GDP) has grown, in part because of the cybercrime gains of groups linked to the nation, which target business and financial firms.
0
AI Risk Worries Insurers and Businesses Alike
Việt Nam Hacker
As companies adopt AI, many insurance firms are explicitly excluding AI risks, while others are forging ahead to create the right framework. What risks can firms reasonably manage?
0
Bug Bounty Research Triggers ServiceNow Security Alert
Việt Nam Hacker
Bug bounty research inadvertently led organizations to believe they were being breached through their ServiceNow instances.
0
AI Slop Will Kill Cybersecurity Storytelling If We Let It
Việt Nam Hacker
AI-generated content threatens credibility in cybersecurity. This "Ask the Expert" column explores why human oversight matters and how to maintain authentic narratives.
0
Blame AI: Patch Tuesday Hits Record 206 CVEs
Thứ Ba, 9 tháng 6, 2026
Việt Nam Hacker
Voluminous patch updates could soon be the norm, as artificial intelligence accelerates the speed and scale of vulnerability discovery.
0
Miasma Supply Chain Worm Burrows Into 73 Microsoft Repositories
Việt Nam Hacker
The attacks stemmed from a GitHub account that was also compromised in a previous Miasmi attack on Microsoft last month.
0
Silent Ransom Group Hits US Law Firms in Escalating Extortion Attacks
Thứ Hai, 8 tháng 6, 2026
Việt Nam Hacker
The financially motivated group is combining vishing, IT impersonation, and in-person office intrusions to steal data and extort victims.
0
Check Point VPN Flaw Exploited Since Early May
Việt Nam Hacker
A newly discovered, critical zero-day vulnerability is under attack; a Qilin ransomware affiliate has been blamed for at least one incident.
0
Iran Signed a Ceasefire — Its Hackers Didn't
Việt Nam Hacker
An extension of the Geneva Conventions could impose restrictions on cyberwarfare under ceasefire conditions and close a major loophole in international conflict.
0
'Hades' Campaign Against PyPI Puts New Spin on Shai-Hulud
Việt Nam Hacker
The latest attacks, which hit 37 PyPI wheels and 19 code packages, show a continued evolution of the persistent software supply chain threat.
0
Exposed Fuel Tank Gauges Under Attack in the US
Thứ Sáu, 5 tháng 6, 2026
Việt Nam Hacker
Threat actors are taking advantage of Internet-exposed tank gauges by breaching gas stations, opening the door to disruption.
0
Rust-Written IronWorm Hits NPM Supply Chain
Thứ Năm, 4 tháng 6, 2026
Việt Nam Hacker
Like Shai-Hulud, the campaign targets developers to steal credentials and reuses them to propagate across the software supply channel.
0
4 Critical Threats Where Attackers Have the Advantage
Việt Nam Hacker
Gartner analysts issued a call to action to bolster defenses against several emerging critical threats, such as deepfakes and prompt injections.
0
Bugcrowd Launches EU Data Residency Option For Evolving Data Sovereignty Needs
Việt Nam Hacker
Organizations are growing serious about what nation’s rules apply to their data. Experts point to geopolitical tensions as a main contributing factor.
0
Attackers Use AI to Automate EDR Evasion Testing
Thứ Tư, 3 tháng 6, 2026
Việt Nam Hacker
Python scripts were used to test malware against endpoint detection and response agents from Sophos, CrowdStrike, and Windows Defender.
0
Tropical Blend: Cyber & Politics Ramp Up Across Latin America
Việt Nam Hacker
China-linked espionage groups have attacked at least a dozen nations in the region, gathering information on maritime shipping, oil production, and other geopolitical interests.
0
Coding Gaffe Exposes Microsoft 365 Accounts to Widespread Takeover
Việt Nam Hacker
A disabled security setting meant to protect authentication across Android versions of key apps like Word, PowerPoint, and Excel paved the way for attackers to steal logins and data.
0
FBI-Flagged Phishing Kit Kali365 Expands Its Reach
Thứ Ba, 2 tháng 6, 2026
Việt Nam Hacker
Once targeting just Microsoft 365, the phishing-as-a-service platform now aims at AWS, Okta, and Russian platforms, while relying on device code phishing.
0
China Uses Dual-Method Cyberattack on Czech Orgs
Việt Nam Hacker
China is stealing data from high-value targets via a sneaky, double-layer spear-phishing campaign that includes the Azureveil malware.
0
Securing AI Agents Before They Go Rogue Is Next to Impossible
Việt Nam Hacker
High-autonomy agents with broad permissions and unfettered access are a recipe for disaster, and enterprises need to act now before they become the next horror story.
0
Beyond Assume-Breach: How AI-Native Security Will Reshape Enterprise Defense
Việt Nam Hacker
Twenty years after Dark Reading launched, we're looking ahead at what's next for enterprise security. Spoiler: It's hyper-segmented, AI-orchestrated, and way more sophisticated than your dad's firewall.
0
Microsoft's Zero-Day Legal Threats Spark Backlash
Thứ Hai, 1 tháng 6, 2026
Việt Nam Hacker
After a disgruntled security researcher published several zero-day exploits in recent weeks, Microsoft seemingly indicated criminal charges were in order.
0
Anthropic to Open Mythos AI to EU's ENISA
Việt Nam Hacker
The European security agency's entry to Project Glasswing is the result of "strong bilateral cooperation" between the European Commission and Anthropic.
0
Patch Now: Another Palo Alto Auth Bypass Bug Under Active Exploit
Việt Nam Hacker
Exploiting the PAN-OS GlobalProtect VPN vulnerability requires certain conditions, but adversaries have done so in two attack waves that started in mid-May.
Đăng ký:
Bài đăng (Atom)
