Microsoft vulnerabilities hit a record high while critical flaws decline, BeyondTrust report reveals rising risks across Windows, Office, and Azure systems. This article has been indexed from Hackread – Cybersecurity News, Data Breaches, AI and More Read the original article:…
More Cisco SD-WAN bugs battered in attacks
CISA gives federal agencies 4 days to patch America’s lead cyber-defense agency has warned that three Cisco Catalyst SD-WAN Manager bugs are under attack, and given federal agencies just four days to patch the security holes.… This article has been…
Siemens Analytics Toolkit
View CSAF Summary Multiple Siemens applications are affected by improper certificate validation in Siemens Analytics Toolkit. This could allow an unauthenticated remote attacker to perform man in the middle attacks. Siemens has released new versions for the affected products and…
SenseLive X3050
View CSAF Summary Successful exploitation of these vulnerabilities could allow an attacker to take complete control of the device. The following versions of SenseLive X3050 are affected: X3050 V1.523 (CVE-2026-40630, CVE-2026-25720, CVE-2026-35503, CVE-2026-39462, CVE-2026-27843, CVE-2026-40431, CVE-2026-40623, CVE-2026-27841, CVE-2026-40620, CVE-2026-35064, CVE-2026-25775)…
Siemens TPM 2.0
View CSAF Summary The products listed below contain a vulnerability that could allow an attacker to perform an out-of-bound read, potentially leading to information disclosure or denial of service of the TPM. Siemens has released new versions for several affected…
Siemens RUGGEDCOM CROSSBOW Secure Access Manager Primary
View CSAF Summary RUGGEDCOM CROSSBOW Secure Access Manager Primary (SAM-P) contains a vulnerability that could allow an attacker to escalate their own privileges. Siemens has released a new version for RUGGEDCOM CROSSBOW Secure Access Manager Primary (SAM-P) and recommends to…
Silex Technology SD-330AC and AMC Manager
View CSAF Summary Successful exploitation of these vulnerabilities could allow an attacker to execute arbitrary code, cause a denial-of-service, or configuration information may be altered without authentication. The following versions of Silex Technology SD-330AC and AMC Manager are affected: SD-330AC…
22 BRIDGE:BREAK Flaws Expose Thousands of Lantronix and Silex Serial-to-IP Converters
Cybersecurity researchers have identified 22 new vulnerabilities in popular models of serial-to-IP converters from Lantronix and Silex that could be exploited to hijack susceptible devices and tamper with data exchanged by them. The vulnerabilities have been collectively codenamed BRIDGE:BREAK by…
Seceon Recognized in the 2026 Gartner® “Voice of the Customer” Report for Security Information and Event Management
Seceon earns a 4.6 out of 5.0 overall rating from 82 verified customer reviews, with 90% of reviewers willing to recommend the platform, reflecting strong real-world satisfaction across the global services and financial sectors WESTFORD, Mass., April 21, 2026 /PRNewswire/ — Seceon Inc.,…
ShinyHunters: SaaS Breaches & Identity Risks (2026)
Who are ShinyHunters? Learn how this group exploits SaaS, credentials, and identity-based access—and how to prevent modern data breaches. The post ShinyHunters: SaaS Breaches & Identity Risks (2026) appeared first on Security Boulevard. This article has been indexed from Security…
Meta Is Sued Over Scam Ads on Facebook and Instagram
A lawsuit from the Consumer Federation of America accuses Meta of misleading consumers about its efforts to combat scams advertisements on its platforms. This article has been indexed from Security Latest Read the original article: Meta Is Sued Over Scam…
New PureRAT Campaign Hides PE Payloads in PNG Files and Executes Them Filelessly
A new and sophisticated malware campaign has been discovered, using a remote access trojan (RAT) called PureRAT to silently compromise Windows systems. What makes this campaign stand out is how cleverly it hides malicious code inside ordinary-looking PNG image files.…
New NGate Malware Developed Using AI Hides in NFC Payment Apps
A new and more dangerous version of the NGate malware has been found hiding inside a trojanized NFC payment application. This time, threat actors appear to have used artificial intelligence to help write the malicious code, which marks a significant…
Where Most SOCs Stall: Building SOC Maturity with Threat Intelligence Feeds
SOC maturity comes down to the quality of decisions. Yet in many teams, those decisions are still made based on fragmented intelligence and outdated indicators. This is where progress stalls: threat data remains external to the workflow. Mature SOCs take…
Detection strategies across cloud and identities against infiltrating IT workers
The shift to remote and hybrid work since the pandemic expanded global hiring and accelerated digital onboarding, increasing reliance on online identity verification and remote access. The post Detection strategies across cloud and identities against infiltrating IT workers appeared first…
Ransomware negotiator pleads guilty to helping ransomware gang
A former employee of a cybersecurity firm pleaded guilty to aiding ransomware criminals to maximize their profits, with the goal of taking a cut of the ransom. This article has been indexed from Security News | TechCrunch Read the original…
Forescout Uncovers New Security Risks in Widely Used Industrial Networking Devices
Cybersecurity firm Forescout has identified 22 previously unknown vulnerabilities in serial-to-IP converters, devices commonly used to connect legacy industrial equipment to modern networks. The company warns that thousands of these systems are currently exposed online, potentially increasing the risk of…
Bridewell Among First to Achieve Level 2 Defence Cyber Certification
Bridewell has become one of the first organisations to achieve Level 2 Defence Cyber Certification (DCC), marking a significant milestone in efforts to strengthen cyber security across the UK defence supply chain. The Reading-based cyber security services provider is currently…
macOS ClickFix attacks deliver AppleScript stealers to snarf credentials, wallets
Data from browsers, cryptocurrency wallets, 200+ extensions hoovered up A ClickFix campaign targeting macOS users delivers an AppleScript-based infostealer that collects credentials and live session cookies from 14 browsers, 16 cryptocurrency wallets, and more than 200 extensions.… This article has…
22 BRIDGE:BREAK Flaws Expose 20,000 Lantronix and Silex Serial-to-IP Converters
Cybersecurity researchers have identified 22 new vulnerabilities in popular models of serial-to-IP converters from Lantronix and Silex that could be exploited to hijack susceptible devices and tamper with data exchanged by them. The vulnerabilities have been collectively codenamed BRIDGE:BREAK by…
Trojanized Android App Fuels New Wave of NFC Fraud
NGate malware abuses HandyPay app to steal NFC card data and PINs in Brazil This article has been indexed from www.infosecurity-magazine.com Read the original article: Trojanized Android App Fuels New Wave of NFC Fraud
Big banks seek to ease security worries as AI push accelerates
“AI is our friend, OK?” said Morgan Stanley CEO Ted Pick during the bank’s earnings call as the industry grapples with its disruptive potential. This article has been indexed from Cybersecurity Dive – Latest News Read the original article: Big…
CISA urges security teams to view environments following axios compromise
A suspected North Korea-linked actor is behind a supply chain attack on the widely used library. This article has been indexed from Cybersecurity Dive – Latest News Read the original article: CISA urges security teams to view environments following axios…
IT Security News Hourly Summary 2026-04-21 18h : 13 posts
13 posts were published in the last hour 15:34 : Scaling Your Media Workloads: Introducing Akamai’s New 8-Card VPU Plan 15:34 : [un]prompted 2026 – Gadi Evron On Behalf Of Zenity – PleaseFix 15:34 : Ransomware negotiator admits role in…