ποΈ Microsoft Fixes 78 Flaws, 5 Zero-Days Exploited; CVSS 10 Bug Impacts Azure DevOps Server ποΈ
π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
Microsoft on Tuesday shipped fixes to address a total of 78 security flaws across its software lineup, including a set of five zerodays that have come under active exploitation in the wild. Of the 78 flaws resolved by the tech giant, 11 are rated Critical, 66 are rated Important, and one is rated Low in severity. Twentyeight of these vulnerabilities lead to remote code execution, 21 of them.π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
π New Fortinet and Ivanti Zero Days Exploited in the Wild π
π Read more.
π Via "Infosecurity Magazine"
----------
ποΈ Seen on @cibsecurity
Fortinet and Ivanti published advisories on the same day revealing that attackers are exploiting new zero days, one of which is rated critical.π Read more.
π Via "Infosecurity Magazine"
----------
ποΈ Seen on @cibsecurity
Infosecurity Magazine
New Fortinet and Ivanti Zero Days Exploited in the Wild
Fortinet and Ivanti published advisories on the same day revealing that attackers are exploiting new zero days, one of which is rated critical
π1
π New 'Chihuahuaβ Infostealer Targets Browser Data and Crypto Wallet Extensions π
π Read more.
π Via "Infosecurity Magazine"
----------
ποΈ Seen on @cibsecurity
While appearing unsophisticated on the surface, Chihuahua Stealer uses advanced methods.π Read more.
π Via "Infosecurity Magazine"
----------
ποΈ Seen on @cibsecurity
Infosecurity Magazine
New 'Chihuahuaβ Infostealer Targets Browser Data and Crypto Wallet Extensions
While appearing unsophisticated on the surface, Chihuahua Stealer uses advanced methods
π European Police Bust β¬3m Investment Fraud Ring π
π Read more.
π Via "Infosecurity Magazine"
----------
ποΈ Seen on @cibsecurity
Law enforcers from multiple countries team up to dismantle a multimillioneuro fraud gang.π Read more.
π Via "Infosecurity Magazine"
----------
ποΈ Seen on @cibsecurity
Infosecurity Magazine
European Police Bust β¬3m Investment Fraud Ring
Law enforcers from multiple countries team up to dismantle a multimillion-euro fraud gang
π1
π Microsoft Fixes Seven Zero-Days in May Patch Tuesday π
π Read more.
π Via "Infosecurity Magazine"
----------
ποΈ Seen on @cibsecurity
Microsoft has patched seven zeroday bugs, five of which were exploited in the wild.π Read more.
π Via "Infosecurity Magazine"
----------
ποΈ Seen on @cibsecurity
Infosecurity Magazine
Microsoft Fixes Seven Zero-Days in May Patch Tuesday
Microsoft has patched seven zero-day bugs, five of which were exploited in the wild
π¦Ώ Block Webcam Spying Fast and Forever for $10 π¦Ώ
π Read more.
π Via "Tech Republic"
----------
ποΈ Seen on @cibsecurity
Ashampoo WebCam Guard gives you oneclick privacy on three devices, so no one secretly listens to or watches you.π Read more.
π Via "Tech Republic"
----------
ποΈ Seen on @cibsecurity
TechRepublic
Block Webcam Spying Fast and Forever for $10
Ashampoo WebCam Guard gives you one-click privacy on three devices, so no one secretly listens to or watches you.
π1
π CISA Reverses Decision on Cybersecurity Advisory Changes π
π Read more.
π Via "Infosecurity Magazine"
----------
ποΈ Seen on @cibsecurity
CISA paused plans to overhaul its advisory system after backlash from the infosec community.π Read more.
π Via "Infosecurity Magazine"
----------
ποΈ Seen on @cibsecurity
Infosecurity Magazine
CISA Reverses Decision on Cybersecurity Advisory Changes
CISA paused plans to overhaul its advisory system after backlash from the infosec community
π1
π΅οΈββοΈ Congress Should Tackle Cyber Threats, Not Competition π΅οΈββοΈ
π Read more.
π Via "Dark Reading"
----------
ποΈ Seen on @cibsecurity
Some members of Congress seem more intent on grabbing headlines than actually working to make America more cyber secure.π Read more.
π Via "Dark Reading"
----------
ποΈ Seen on @cibsecurity
Darkreading
Congress Should Tackle Cyber Threats, Not Competition
Some members of Congress seem more intent on grabbing headlines than actually working to make America more cyber secure.
π1
ποΈ CTM360 Identifies Surge in Phishing Attacks Targeting Meta Business Users ποΈ
π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
A new global phishing threat called "Meta Mirage" has been uncovered, targeting businesses using Meta's Business Suite. This campaign specifically aims at hijacking highvalue accounts, including those managing advertising and official brand pages. Cybersecurity researchers at CTM360 revealed that attackers behind Meta Mirage impersonate official Meta communications, tricking users into handing.π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
π΅οΈββοΈ Marks & Spencer Confirms Customer Data Stolen in Cyberattack π΅οΈββοΈ
π Read more.
π Via "Dark Reading"
----------
ποΈ Seen on @cibsecurity
The British retailer said no account passwords were compromised in last month's cyberattack, but the company will require customers to reset passwords "for extra peace of mind.".π Read more.
π Via "Dark Reading"
----------
ποΈ Seen on @cibsecurity
Darkreading
Marks & Spencer Confirms Customer Data Stolen
The British retailer said no account passwords were compromised in last month's cyberattack, but the company will require customers to reset passwords "for extra peace of mind."
π Android Enterprise Launches Device Trust For Enhanced Security π
π Read more.
π Via "Infosecurity Magazine"
----------
ποΈ Seen on @cibsecurity
Android Enterprise introduced Device Trust to enhance mobile security on Android devices.π Read more.
π Via "Infosecurity Magazine"
----------
ποΈ Seen on @cibsecurity
Infosecurity Magazine
Android Enterprise Launches Device Trust For Enhanced Security
Android Enterprise introduced Device Trust to enhance mobile security on Android devices
π1
ποΈ Xinbi Telegram Market Tied to $8.4B in Crypto Crime, Romance Scams, North Korea Laundering ποΈ
π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
A Chineselanguage, Telegrambased marketplace called Xinbi Guarantee has facilitated no less than 8.4 billion in transactions since 2022, making it the second major black market to be exposed after HuiOne Guarantee. According to a report published by blockchain analytics firm Elliptic, merchants on the marketplace have been found to peddle technology, personal data, and money laundering.π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
ποΈ Samsung Patches CVE-2025-4632 Used to Deploy Mirai Botnet via MagicINFO 9 Exploit ποΈ
π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
Samsung has released software updates to address a critical security flaw in MagicINFO 9 Server that has been actively exploited in the wild. The vulnerability, tracked as CVE20254632 CVSS score 9.8, has been described as a path traversal flaw. "Improper limitation of a pathname to a restricted directory vulnerability in Samsung MagicINFO 9 Server version before 21.1052 allows attackers to.π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
ποΈ Samsung Patches CVE-2025-4632 Used to Deploy Mirai Botnet via MagicINFO 9 Exploit ποΈ
π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
Samsung has released software updates to address a critical security flaw in MagicINFO 9 Server that has been actively exploited in the wild. The vulnerability, tracked as CVE20254632 CVSS score 9.8, has been described as a path traversal flaw. "Improper limitation of a pathname to a restricted directory vulnerability in Samsung MagicINFO 9 Server version before 21.1052 allows attackers to.π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
ποΈ Samsung Patches CVE-2025-4632 Used to Deploy Mirai Botnet via MagicINFO 9 Exploit ποΈ
π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
Samsung has released software updates to address a critical security flaw in MagicINFO 9 Server that has been actively exploited in the wild. The vulnerability, tracked as CVE20254632 CVSS score 9.8, has been described as a path traversal flaw. "Improper limitation of a pathname to a restricted directory vulnerability in Samsung MagicINFO 9 Server version before 21.1052 allows attackers to.π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
ποΈ BianLian and RansomExx Exploit SAP NetWeaver Flaw to Deploy PipeMagic Trojan ποΈ
π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
At least two different cybercrime groups BianLian and RansomExx are said to have exploited a recently disclosed security flaw in SAP NetWeaver, indicating that multiple threat actors are taking advantage of the bug. Cybersecurity firm ReliaQuest, in a new update published today, said it uncovered evidence suggesting involvement from the BianLian data extortion crew and the RansomExx ransomware.π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
ποΈ BianLian and RansomExx Exploit SAP NetWeaver Flaw to Deploy PipeMagic Trojan ποΈ
π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
At least two different cybercrime groups BianLian and RansomExx are said to have exploited a recently disclosed security flaw in SAP NetWeaver, indicating that multiple threat actors are taking advantage of the bug. Cybersecurity firm ReliaQuest, in a new update published today, said it uncovered evidence suggesting involvement from the BianLian data extortion crew and the RansomExx ransomware.π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
π¦Ώ European Vulnerability Database is Live: What This βEssential Toolβ Offers Security Experts π¦Ώ
π Read more.
π Via "Tech Republic"
----------
ποΈ Seen on @cibsecurity
The announcement comes after concerns that the US government would stop funding the operations of MITRE, the nonprofit behind the CVE database.π Read more.
π Via "Tech Republic"
----------
ποΈ Seen on @cibsecurity
TechRepublic
European Vulnerability Database is Live: What This βEssential Toolβ Offers Security Experts
The announcement comes after concerns that the US government would stop funding the operations of MITRE, the nonprofit behind the CVE database.
π΅οΈββοΈ Infosec Layoffs Aren't the Bargain That Boards May Think π΅οΈββοΈ
π Read more.
π Via "Dark Reading"
----------
ποΈ Seen on @cibsecurity
Salary savings come with hidden costs, including insider threats and depleted cybersecurity defenses, conveying advantages to skilled adversaries, experts argue.π Read more.
π Via "Dark Reading"
----------
ποΈ Seen on @cibsecurity
Dark Reading
Infosec Layoffs Aren't the Bargain Boards May Think
Salary savings come with hidden costs, including insider threats and depleted cybersecurity defenses, conveying advantages to skilled adversaries, experts argue.
π΅οΈββοΈ AI Agents May Have a Memory Problem π΅οΈββοΈ
π Read more.
π Via "Dark Reading"
----------
ποΈ Seen on @cibsecurity
A new study by researchers at Princeton University and Sentient shows it's surprisingly easy to trigger malicious behavior from AI agents by implanting fake "memories" into the data they rely on for making decisions.π Read more.
π Via "Dark Reading"
----------
ποΈ Seen on @cibsecurity
Darkreading
AI Agents May Have a Memory Problem
A new study by researchers at Princeton University and Sentient shows it's surprisingly easy to trigger malicious behavior from AI agents by implanting fake "memories" into the data they rely on for making decisions.
π΅οΈββοΈ Ivanti EPMM Zero-Day Flaws Exploited in Chained Attack π΅οΈββοΈ
π Read more.
π Via "Dark Reading"
----------
ποΈ Seen on @cibsecurity
The security software maker said the vulnerabilities in Endpoint Manager Mobile have been exploited in the wild against "a very limited number of customers" for now and stem from open source libraries.π Read more.
π Via "Dark Reading"
----------
ποΈ Seen on @cibsecurity
Darkreading
Ivanti EPMM Zero-Day Flaws Exploited in Chained Attack
The security software maker said the vulnerabilities in Endpoint Manager Mobile have been exploited in the wild against "a very limited number of customers" β for now β and stem from open source libraries.