A comprehensive cybersecurity investigation has revealed alarming vulnerabilities in the rapidly expanding solar energy infrastructure, with nearly 35,000 solar power devices found exposed to internet-based attacks across 42 vendors worldwide. The discovery underscores growing security concerns as renewable energy systems…
Category: EN
Meta open-sources AI tool to automatically classify sensitive documents
Meta has released an open source AI tool called Automated Sensitive Document Classification. It was originally built for internal use and is designed to find sensitive information in documents and apply security labels automatically. The tool uses customizable classification rules…
FortiMail Workspace Security expands protection beyond email to web and collaboration tools
Fortinet has enhanced its data and productivity security portfolio, expanding FortiMail with the launch of the FortiMail Workspace Security suite. These new capabilities extend protection not only to email but also to browser and collaboration security. These advancements, combined with new…
Critical Cisco ISE Auth Bypass Flaw Impacts Cloud Deployments on AWS, Azure, and OCI
Cisco has released security patches to address a critical security flaw impacting the Identity Services Engine (ISE) that, if successfully exploited, could allow unauthenticated actors to carry out malicious actions on susceptible systems. The security defect, tracked as CVE-2025-20286, carries…
Law enforcement seized the carding marketplace BidenCash
U.S. and Dutch authorities took down 145 domains tied to the BidenCash cybercrime marketplace in a coordinated law enforcement operation. The US DoJ announced the seizure of approximately 145 darknet and clear web domains, and cryptocurrency funds associated with the…
The cloud security crisis no one’s talking about
Security teams are overwhelmed by a flood of alerts, most of which lack the context needed to accurately assess and espond to threats, according to ARMO. Respondents report receiving an average of 4,080 security alerts per month – or 136…
APT37 Hackers Mimic Academic Forum Invites To Deliver Malicious LNK Files Via Dropbox Platform
The North Korea-linked APT37 threat group has launched a sophisticated spear phishing campaign targeting South Korean activists and researchers focused on North Korean affairs, employing deceptive academic forum invitations to distribute malicious shortcut files through cloud-based infrastructure. The campaign, which…
China accuses Taiwan of running five feeble APT gangs, with US help
The authors who claimed America hacked itself to discredit Beijing are back with another report Beijing complains it’s under relentless attack by the equivalent of an ant trying to shake a tree China’s National Computer Virus Emergency Response Center on…
NPM Developers Targeted: Fake Packages Secretly Collecting Personal Data
Security experts are warning people who use NPM — a platform where developers share code — to be careful after finding several fake software packages that secretly collect information from users’ computers. The cybersecurity company Socket found around 60…
Google survey shows Americans are changing how they fight scams
If it seems like scams are popping up everywhere lately, you’re not wrong. A new survey from Google shows most Americans feel the same, and they’re starting to change how they handle things online because of it. But different age…
Healthcare organizations are at a turning point with AI
32% of healthcare executives say their organization suffered a breach in the past 12 months, and 46% say they are experiencing a higher volume of attacks, according to LevelBlue. AI brings hope and concern As AI promises healthcare organizations efficiency,…
Why SAP security updates are a struggle for large enterprises
In this Help Net Security video, Jonathan Stross, SAP Security Analyst at Pathlock, examines why managing SAP security updates is so complex for enterprises. From highly customized, interconnected environments to the pressure of real-time patching, Strauss highlights why keeping SAP…
New Malware Attack Deploys Malicious Chrome & Edge Extensions To Steal Sensitive Data
Cybersecurity researchers have uncovered a sophisticated malware campaign targeting Brazilian users through malicious browser extensions designed to steal sensitive banking credentials and financial data. The operation, dubbed “Operation Phantom Enigma,” represents a significant escalation in banking trojans’ evolution, utilizing browser…
What the Arc Browser Story Reveals About the Future of Browser Security
By Dakshitaa Babu, Security Researcher, SquareX In a candid letter that Joshua Miller, CEO of Arc Browser, wrote to the community, he revealed a truth the tech industry has been dancing around: “the dominant operating system on desktop wasn’t Windows…
Meta, Yandex Covertly Tracked Billions of Android Users, According to Researcher
A report highlights how Meta and Yandex bypassed privacy and security controls to implement web-to-app tracking on Android users. This article has been indexed from Security | TechRepublic Read the original article: Meta, Yandex Covertly Tracked Billions of Android Users,…
Hackers Allegedly Leaked 86 Million AT&T Customer Records with Decrypted SSNs
A massive data breach involving AT&T, with hackers allegedly leaking personal information of 86 million customers. Hackers claimed to have successfully decrypted previously protected Social Security numbers and released the information on cybercrime forums. The breach, first posted on May…
IBM Cloud login breaks for second time this week and Big Blue isn’t saying why
To make matters worse, IBM’s security software has a critical vuln caused by exposed password IBM isn’t having its best week after the company experienced another cloudy outage and a critical-rated vulnerability.… This article has been indexed from The Register…
ISC Stormcast For Thursday, June 5th, 2025 https://isc.sans.edu/podcastdetail/9480, (Thu, Jun 5th)
This post doesn’t have text content, please click on the link below to view the original article. This article has been indexed from SANS Internet Storm Center, InfoCON: green Read the original article: ISC Stormcast For Thursday, June 5th, 2025…
Statement on California State Senate Advancing Dangerous Surveillance Bill
In the wake of the California State Senate’s passage of S.B. 690, the Electronic Frontier Foundation (EFF), TechEquity, Consumer Federation of California, Tech Oversight California, and ACLU California Action issued a joint statement warning that the bill would put the…
Play ransomware crims exploit SimpleHelp flaw in double-extortion schemes
Recompiled binaries and phone threats used to boost the pressure Groups linked with the Play ransomware have exploited more than 900 organizations, the FBI said Wednesday, and have developed a number of new techniques in their double-extortion campaigns – including…