The 2025 Data Risk Report: Enterprises face potentially serious data loss risks from AI-fueled tools. Adopting a unified, AI-driven approach to data security can help. As businesses increasingly rely on cloud-driven platforms and AI-powered tools to accelerate digital transformation, the…
Wing FTP Server RCE Vulnerability Under Active Exploitation
Security researchers at Huntress have confirmed active exploitation of a critical remote code execution vulnerability in Wing FTP Server, designated CVE-2025-47812, with the first observed attack occurring just one day after the vulnerability’s public disclosure. The flaw affects versions before…
British Man Sentenced for Network Rail Wi-Fi Hack
The man was handed a suspended prison sentence for offenses relating to the hack of Network Rail public Wi-Fi, exposing customers to offensive messaging. This article has been indexed from www.infosecurity-magazine.com.
Evolving Tactics of SLOW#TEMPEST: A Deep Dive Into Advanced Malware Techniques
SLOW#TEMPEST malware uses dynamic jumps and obfuscated calls to evade detection. Unit 42 details these techniques and how to defeat them with emulation. The post Evolving Tactics of SLOW#TEMPEST: A Deep Dive Into Advanced Malware Techniques appeared first on Unit…
IT Giant Ingram Micro Restores Operations After Ransomware Attack
Ingram Micro Holding Corporation (NYSE: INGM), a global leader in IT distribution and technology solutions, has announced that it has successfully restored operations across all countries and regions following a ransomware attack identified on certain internal systems. The incident, first…
CISA Issues 13 New Advisories on Industrial Control System Vulnerabilities and Exploits
The Cybersecurity and Infrastructure Security Agency (CISA) released thirteen new Industrial Control Systems (ICS) advisories, spotlighting a range of security vulnerabilities and potential exploits affecting critical infrastructure components. These advisories are a vital resource for organizations relying on ICS technologies,…
CISA Alerts on Active Exploits Targeting Citrix NetScaler ADC and Gateway Flaw
The Cybersecurity and Infrastructure Security Agency (CISA) has issued a critical alert regarding active exploitation of a newly discovered vulnerability in Citrix NetScaler ADC and Gateway systems, with organizations facing an immediate deadline to implement protective measures. The vulnerability, designated…
UK Online Safety Act ‘not up to scratch’ on misinformation, warn MPs
Last summer’s riots show how some content can be harmful but not illegal. The Online Safety Act fails to tackle online misinformation, leaving the UK in need of further regulation to curb the viral spread of false content, a report…
Rockerbox Data Leak – 245,949 User Records Exposed Including SSNs and Driver’s Licenses
The Rockerbox breach burst onto the threat-intelligence radar in early July 2025 when an unencrypted, 286.9 GB cloud repository holding 245,949 highly sensitive records was found openly indexed on the internet. Investigators traced the trove to Rockerbox, a Dallas-based tax-credit…
Apache HTTP Server 2.4.64 Released With Patch for 8 Vulnerabilities
The Apache Software Foundation has released Apache HTTP Server version 2.4.64, addressing eight critical security vulnerabilities that affected versions spanning from 2.4.0 through 2.4.63. This latest update resolves a range of issues, including HTTP response splitting, server-side request forgery (SSRF),…
AMD Warns of Transient Scheduler Attacks Affecting Wide Range of Chipsets
Advanced Micro Devices has disclosed a series of critical security vulnerabilities affecting multiple generations of its processor architectures, stemming from transient scheduler attacks that exploit speculative execution mechanisms. The vulnerabilities, identified through four distinct Common Vulnerabilities and Exposures (CVE) entries,…
Russian Basketball Player Arrested over Alleged Ransomware Attack Claims
A Russian professional basketball player has been arrested in France on charges of orchestrating one of the most extensive ransomware campaigns in recent history, targeting nearly 900 companies and federal institutions between 2020 and 2022. The case highlights the growing…
McDonald’s Chatbot Recruitment Platform Leaked 64 Million Job Applications
Two vulnerabilities in an internal API allowed unauthorized access to contacts and chats, exposing the information of 64 million McDonald’s applicants. The post McDonald’s Chatbot Recruitment Platform Leaked 64 Million Job Applications appeared first on SecurityWeek. This article has been…
Behind the code: How developers work in 2025
How are developers working in 2025? Docker surveyed over 4,500 people to find out, and the answers are a mix of progress and ongoing pain points. AI is gaining ground but still unevenly used. Security is now baked into everyday…
Indian Cyber Espionage Group Targets Italian Government
DoNot APT, also known as APT-C-35, traditionally operates exclusively in South Asia. This article has been indexed from www.infosecurity-magazine.com.
New eSIM Hack Allows Attackers to Clone Your eSIM Profile
A critical vulnerability has been identified in the GSMA TS.48 Generic Test Profile versions 6.0 and earlier, which are widely used across the eSIM industry for radio compliance testing. This flaw enables attackers with physical access to an embedded Universal…
U.S. CISA adds Citrix NetScaler ADC and Gateway flaw to its Known Exploited Vulnerabilities catalog
U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds Citrix NetScaler ADC and Gateway flaw to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added a Citrix NetScaler ADC and Gateway flaw, tracked as CVE-2025-5777, to its…
TikTok Faces Fresh European Privacy Investigation Over China Data Transfers
The Irish Data Privacy Commission announced that TikTok is facing a new European Union privacy investigation into user data sent to China. The post TikTok Faces Fresh European Privacy Investigation Over China Data Transfers appeared first on SecurityWeek. This article…
Critical Wing FTP Server Vulnerability Exploited
Wing FTP Server vulnerability CVE-2025-47812 can be exploited for arbitrary command execution with root or system privileges. The post Critical Wing FTP Server Vulnerability Exploited appeared first on SecurityWeek. This article has been indexed from SecurityWeek Read the original article:…
Over Half of “Finfluencer” Victims Have Lost Money, Says TSB
British bank TSB warns of rise of “finfluencers” who dispense dubious financial advice online. This article has been indexed from www.infosecurity-magazine.com.