WhatsApp, the world’s most popular messaging app, is entering a new era as Meta officially begins rolling out advertisements within its Updates tab—a move that marks the platform’s most significant shift in monetization since its inception. The announcement, made on…
Author: wordpress
Attackers target Zyxel RCE vulnerability CVE-2023-28771
GreyNoise researchers have observed exploit attempts targeting the remote code execution vulnerability CVE-2023-28771 in Zyxel devices. On June 16, GreyNoise researchers detected exploit attempts targeting CVE-2023-28771 (CVSS score 9.8), a remote code execution flaw impacting Zyxel IKE decoders over UDP…
Where AI Provides Value
If you’ve worried that AI might take your job, deprive you of your livelihood, or maybe even replace your role in society, it probably feels good to see the latest AI tools fail spectacularly. If AI recommends glue as a…
Reddit’s new AI-powered tools scan your posts to serve you better ads
Reddit has announced more AI-powered tools to help advertisers. But do users care for it? This article has been indexed from Malwarebytes Read the original article: Reddit’s new AI-powered tools scan your posts to serve you better ads
Smart air fryers ordered to stop invading our digital privacy
In a confirmation that we’ve gone full Black Mirror, air fryer and other IoT manufacturers are being told to stop playing with our data. This article has been indexed from Malwarebytes Read the original article: Smart air fryers ordered to…
Chained Flaws in Enterprise CMS Provider Sitecore Could Allow Remote Code Execution
WatchTowr has found three vulnerabilities in the Sitecore Experience Platform, used by HSBC and L’Oréal This article has been indexed from www.infosecurity-magazine.com Read the original article: Chained Flaws in Enterprise CMS Provider Sitecore Could Allow Remote Code Execution
IT Security News Hourly Summary 2025-06-17 12h : 12 posts
12 posts were published in the last hour 9:40 : Windows 11: Update soll Fehler beheben, sorgt aber für neue Probleme 9:40 : Apple: Sicherheitslücke in diversen Betriebssystemen wird angegriffen 9:39 : Dutch Court Upholds Competition Ruling Against Apple 9:39…
ASUS Armoury Crate Vulnerability Lets Hackers Gain System-Level Access on Windows
A critical vulnerability in ASUS’s popular Armoury Crate software has exposed millions of Windows users to the risk of system-level compromise, according to a recent disclosure by Cisco Talos and confirmed by ASUS. The flaw, tracked as CVE-2025-3464, allows attackers…
Hackers Deliver Fileless AsyncRAT Using Clickfix Technique via Fake Verification Prompt
A sophisticated fileless malware campaign targeting German-speaking users has emerged, employing deceptive verification prompts to distribute AsyncRAT through the increasingly popular Clickfix technique. The malware masquerades as a legitimate “I’m not a robot” CAPTCHA verification, tricking victims into executing malicious…
XDSpy Threat Actors Leverages Windows LNKs Zero-Day Vulnerability to Attack Windows System Users
A sophisticated cyber espionage campaign attributed to the XDSpy threat actor has recently been discovered exploiting a zero-day vulnerability in Windows shortcut files. This threat actor, which has operated largely undetected from 2011 until its initial discovery in 2020, has…
Organizations Warned of Vulnerability Exploited Against Discontinued TP-Link Routers
CISA warns that a vulnerability impacting multiple discontinued TP-Link router models is exploited in the wild. The post Organizations Warned of Vulnerability Exploited Against Discontinued TP-Link Routers appeared first on SecurityWeek. This article has been indexed from SecurityWeek Read the…
Exploring a New KimJongRAT Stealer Variant and Its PowerShell Implementation
We analyze two new KimJongRAT stealer variants, combining new research with existing knowledge. One uses a Portable Executable (PE) file and the other PowerShell. The post Exploring a New KimJongRAT Stealer Variant and Its PowerShell Implementation appeared first on Unit…
Italy Opens DeepSeek Probe Over False Information
Italy’s consumer and competition regulator opens latest probe into Chinese AI start-up DeepSeek over failure to warn about ‘hallucinations’ This article has been indexed from Silicon UK Read the original article: Italy Opens DeepSeek Probe Over False Information
OpenAI In $200m Pentagon Deal
OpenAI strikes $200m deal to provide AI for combat and enterprise applications as its annualised revenues surge to $10bn This article has been indexed from Silicon UK Read the original article: OpenAI In $200m Pentagon Deal
Critical sslh Vulnerabilities Allow Remote Denial-of-Service Attacks
Security researchers disclosed two critical vulnerabilities in sslh, a widely used protocol multiplexer that enables multiple services—such as SSH, HTTPS, and OpenVPN—to share a single network port. These flaws, tracked as CVE-2025-46807 and CVE-2025-46806, could allow remote attackers to crash…
Water Curse Hacker Group Uses 76 GitHub Accounts to Spread Multistage Malware
A newly identified threat actor known as Water Curse has been linked to a sprawling campaign utilizing at least 76 GitHub accounts to distribute weaponized repositories packed with multistage malware. This financially motivated group leverages the inherent trust in open-source…
Are WAFs Obsolete? Pros, Cons, and What the Future Holds
Web Application Firewalls (WAFs) have long served as the front line of defense for web applications, filtering out malicious traffic and enforcing security policies. But as threats grow more sophisticated and application environments become more dynamic, many are questioning whether…
How Human Behavior Can Strengthen Healthcare Cybersecurity
Few sectors exemplify the enormous value of data as healthcare does. From the relatively mundane, such as digitalizing patient data for streamlined care, to the extraordinary, like the use of AI to revolutionize prostate cancer diagnosis and care, data is…
Hackers Actively Exploiting Zyxel RCE Vulnerability Via UDP Port
A significant spike was observed in exploitation attempts targeting CVE-2023-28771, a critical remote code execution vulnerability affecting Zyxel Internet Key Exchange (IKE) packet decoders. The coordinated attack campaign, observed on June 16, 2025, represents a concentrated burst of malicious activity…
Threat Actors Exploits OEM Permissions on Android Devices to Perform Privilege Escalation Attacks
Android users face a sophisticated security threat as malicious actors increasingly leverage legitimate system features to gain unauthorized access to devices. A concerning trend has emerged where attackers exploit Original Equipment Manufacturer (OEM) permissions to perform privilege escalation attacks, creating…