UK law enforcement authorities have made significant progress in their investigation into cyber attacks targeting some of Britain’s most prominent retailers, with four individuals now in custody following coordinated arrests across the West Midlands and London. The National Crime Agency…
Author: IT Security News Bot
Ingram Micro Ransomware Attack Shakes IT Supply Chain
Your weekly dose of the most urgent cyber threats is here. Adam Pilton distilled it all into five critical stories and five things you should actually do about them. Let’s get into it. Ingram Micro Ransomware Attack Disrupts Global IT…
Ruckus network management solutions riddled with unpatched vulnerabilities
Claroty researcher Noam Moshe has discovered serious vulnerabilities in two Ruckus Networks (formerly Ruckus Wireless) products that may allow attackers to compromise the environments managed by the affected software, Carnegie Mellon University’s CERT Coordination Center (CERT/CC) has warned. The vulnerabilities…
Malware-Ranking Juni: Infostealer Formbook weiterhin an der Spitze
Laut Check Point-Analyse greift AsyncRAT global nach der Spitze und RAT verbreitet Malware über verseuchte Discord-Einladungslinks. Dieser Artikel wurde indexiert von IT-News Cybersicherheit – silicon.de Lesen Sie den originalen Artikel: Malware-Ranking Juni: Infostealer Formbook weiterhin an der Spitze
Critical Bluetooth Protocol Vulnerabilities Expose Devices to RCE Attacks
Security researchers have disclosed a critical set of Bluetooth vulnerabilities dubbed “PerfektBlue” that affect millions of vehicles and other devices using OpenSynergy’s BlueSDK framework. The vulnerabilities can be chained together to achieve remote code execution (RCE) with minimal user interaction,…
CISA Warns ValveLink Products May Expose Sensitive System Information
The Cybersecurity and Infrastructure Security Agency (CISA) has issued a critical security advisory warning that multiple vulnerabilities in Emerson ValveLink Products could allow attackers to access sensitive system information and execute unauthorized code. The alert, designated ICSA-25-189-01 and released on…
Four Arrested in £440M Cyber Attack on Marks & Spencer, Co-op, and Harrods
The U.K. National Crime Agency (NCA) on Thursday announced that four people have been arrested in connection with cyber attacks targeting major retailers Marks & Spencer, Co-op, and Harrods. The arrested individuals include two men aged 19, a third aged…
New Opossum Attack Allows Hackers to Compromise Secure TLS Channels with Malicious Messages
The new Opossum attack is a sophisticated cross-protocol application layer desynchronization vulnerability that compromises TLS-based communications. This attack exploits fundamental differences between implicit and opportunistic TLS implementations, affecting critical protocols including HTTP, FTP, POP3, SMTP, LMTP, and NNTP. By leveraging…
New Scraper Botnet with 3,600+ Unique Devices Attacking Targets in US and UK
Cybersecurity researchers have uncovered a sophisticated scraper botnet comprising more than 3,600 unique devices that has been systematically targeting systems across the United States and United Kingdom since April 2025. The malware campaign represents a significant escalation in automated web…
Critical Vulnerabilities in Bluetooth Protocol Stack Expose Millions of Devices to Remote Code Execution Attacks
A new and critical security threat, PerfektBlue, has emerged, targeting OpenSynergy’s BlueSDK Bluetooth framework and posing an unprecedented risk to the automotive industry. This sophisticated attack vector enables remote code execution (RCE) on millions of devices across automotive and other…
Sigma360 AI Investigator Agent reduces manual reviews
Sigma360 launched AI Investigator Agent, an autonomous GenAI agent that transforms how compliance teams handle risk alerts. This innovation leverages advanced AI and entity resolution models to clear easily identifiable false positives, reducing manual match reviews by up to 90%…
Warn-App: NINA schickt jetzt auch Polizeimeldungen
Die Notfall-App des Bundes namens Nina warnt derzeit vor allem vor extremen Unwettern und anderen drohenden Naturkatastrophen. Nun wird ihre Funktion erweitert. Dieser Artikel wurde indexiert von heise security News Lesen Sie den originalen Artikel: Warn-App: NINA schickt jetzt auch…
AMD-fTPM-Bug: Einige Mainboard-Hersteller verteilen den Fix nicht
AMD erklärt, dass für einen fTPM-Fehler seit Jahren eine Korrektur bereitsteht. Hersteller liefern sie nur nicht aus. Dieser Artikel wurde indexiert von heise security News Lesen Sie den originalen Artikel: AMD-fTPM-Bug: Einige Mainboard-Hersteller verteilen den Fix nicht
[UPDATE] [mittel] IEEE 802.11 (WLAN): Mehrere Schwachstellen
Ein entfernter, anonymer Angreifer kann mehrere Schwachstellen in der IEEE 802.11 Spezifikation und zahlreichen Implementierungen ausnutzen, um Sicherheitsvorkehrungen zu umgehen, Netzwerkverkehr zu manipulieren und um Informationen offenzulegen. Dieser Artikel wurde indexiert von BSI Warn- und Informationsdienst (WID): Schwachstellen-Informationen (Security Advisories)…
[NEU] [mittel] GnuTLS: Mehrere Schwachstellen
Ein entfernter, anonymer Angreifer kann mehrere Schwachstellen in GnuTLS ausnutzen, um einen Denial of Service Angriff durchzuführen oder Informationen offenzulegen. Dieser Artikel wurde indexiert von BSI Warn- und Informationsdienst (WID): Schwachstellen-Informationen (Security Advisories) Lesen Sie den originalen Artikel: [NEU] [mittel]…
NCA arrests four in connection with UK retail ransomware attacks
Crimefighting agency cagey on details, probes into intrusions at M&S, Harrods, and Co-op continue The UK’s National Crime Agency (NCA) arrested four individuals suspected of being involved with the big three cyberattacks on UK retail businesses in recent weeks.… This…
Booz Allen Invests in Machine Identity Firm Corsha
‘Machine identities’, often used interchangeably with ‘non-human identities’ (NHIs), have been increasing rapidly since the start of digital transformation. The post Booz Allen Invests in Machine Identity Firm Corsha appeared first on SecurityWeek. This article has been indexed from SecurityWeek…
AMD Warns of New Transient Scheduler Attacks Impacting a Wide Range of CPUs
Semiconductor company AMD is warning of a new set of vulnerabilities affecting a broad range of chipsets that could lead to information disclosure. The attacks, called Transient Scheduler Attacks (TSA), manifests in the form of a speculative side channel in…
New ZuRu Malware Variant Targeting Developers via Trojanized Termius macOS App
Cybersecurity researchers have discovered new artifacts associated with an Apple macOS malware called ZuRu, which is known to propagate via trojanized versions of legitimate software. SentinelOne, in a new report shared with The Hacker News, said the malware has been…
What Security Leaders Need to Know About AI Governance for SaaS
Generative AI is not arriving with a bang, it’s slowly creeping into the software that companies already use on a daily basis. Whether it is video conferencing or CRM, vendors are scrambling to integrate AI copilots and assistants into their…