Popular car rental company Hertz began distributing a “notice of data incident” to customers worldwide, including customers in the USA. The letter mentions a cyber… The post Rental company Hertz reports a cyber incident appeared first on Panda Security Mediacenter.…
Category: EN
ASUS Router Flaw Allows Hackers to Remotely Execute Malicious Code
ASUS has acknowledged multiple critical vulnerabilities affecting its routers that could allow hackers to remotely execute malicious code, thereby compromising network security and user privacy. These flaws highlight the continuous challenges in securing IoT and networking devices against increasingly sophisticated…
Critical PyTorch Vulnerability Allows Hackers to Run Remote Code
A newly disclosed critical vulnerability (CVE-2025-32434) in PyTorch, the widely used open-source machine learning framework, allows attackers to execute arbitrary code on systems loading AI models—even when safety measures like weights_only=True are enabled. The flaw impacts all PyTorch versions ≤2.5.1 and has…
Hackers Exploiting Google’s OAuth System Flaws to Bypass Gmail Security Filters
A highly sophisticated phishing attack exploiting vulnerabilities in Google’s OAuth system has been identified. The attack, which successfully bypasses Gmail’s security filters, appears legitimate to users as it originates from authentic Google domains and passes all standard security checks, including…
Cybersecurity Today: Allegations Against Elon Musk, Microsoft Lockout Issues, Cozy Bear’s New Malware, and Canada’s Anti-Fraud Proposals
Cybersecurity Today: Allegations Against Elon Musk, Microsoft Lockout Issues, Cozy Bear’s New Malware, and Canada’s Anti-Fraud Proposals In this episode of Cybersecurity Today, hosted by David Shipley, we examine several major cybersecurity stories. A whistleblower accuses Elon Musk’s team’s involvement…
How the China-US Trade Tariff War Is Increasing Cybersecurity Concerns
The ongoing trade dispute between China and the United States, commonly referred to as the “tariff war,” has created far-reaching effects beyond economics and politics. One of the often overlooked consequences of this prolonged conflict is its growing impact on…
Cybercriminals Exploit Google OAuth Loophole to Evade Gmail Security
A sophisticated phishing attack exploiting a loophole in Google’s OAuth infrastructure has surfaced, raising significant concerns about the security of Gmail users worldwide. Security researcher Nick Johnson (@nicksdjohnson) recently shared details of the attack via social media, underscoring the urgent…
Hawk Eye: Open-source scanner uncovers secrets and PII across platforms
Hawk Eye is an open-source tool that helps find sensitive data before it leaks. It runs from the command line and checks many types of storage for PII and secrets: passwords, API keys, and personal information. “Unlike most open-source tools…
Chinese smartphones now stealing cryptocurrency from wallets
The next time you’re looking for a budget-friendly smartphone, particularly one from a Chinese brand, you might want to proceed with caution. A recent warning from cybersecurity experts at Dr. Web, an anti-virus software company, suggests that purchasing low-cost smartphones…
Cybercriminals blend AI and social engineering to bypass detection
Attackers are focusing more on stealing identities. Because of this, companies need to use zero trust principles. They should also verify user identities more carefully, says DirectDefense. Researchers analyzed thousands of alerts, mapping them to the MITRE ATT&CK framework, a…
Cyber threats now a daily reality for one in three businesses
Businesses are losing out on an average of $98.5 million a year as a consequence of cyber threats, fraud, regulatory hurdles and operational inefficiencies, according to research from FIS and Oxford Economics. The cost of disharmony is highest among technology…
GitHub Enterprise Server Vulnerabilities Allows Arbitrary Code Execution
GitHub has issued urgent security updates for its Enterprise Server product after discovering multiple high-severity vulnerabilities, including a critical flaw (CVE-2025-3509) that allows attackers to execute arbitrary code and compromise systems. The vulnerabilities, which also expose sensitive repository data and…
Why CISOs are watching the GenAI supply chain shift closely
In supply chain operations, GenAI is gaining traction. But according to Logility’s Supply Chain Horizons 2025 report, many security leaders remain uneasy about what that means for data protection, legacy tech, and trust in automation. The survey of 500 global…
FOG Ransomware Spread by Cybercriminals Claiming Ties to DOGE
This blog details our investigation of malware samples that conceal within them a FOG ransomware payload. This article has been indexed from Trend Micro Research, News and Perspectives Read the original article: FOG Ransomware Spread by Cybercriminals Claiming Ties to…
ISC Stormcast For Monday, April 21st, 2025 https://isc.sans.edu/podcastdetail/9416, (Mon, Apr 21st)
This post doesn’t have text content, please click on the link below to view the original article. This article has been indexed from SANS Internet Storm Center, InfoCON: green Read the original article: ISC Stormcast For Monday, April 21st, 2025…
Cyber Security News Letter: Key Updates on Attacks, Vulnerabilities, & Data Breaches
Welcome to this week’s Cybersecurity Newsletter, where we provide the latest updates and critical insights from the swiftly changing realm of cybersecurity.This edition focuses on new threats and the evolving landscape of digital defenses. Key topics include sophisticated ransomware attacks…
Did DOGE “breach” Americans’ data? (Lock and Code S06E08)
This week on the Lock and Code podcast, we speak with Sydney Saubestre about DOGE and its access to Americans’ data. This article has been indexed from Malwarebytes Read the original article: Did DOGE “breach” Americans’ data? (Lock and Code…
Protected NHIs: Key to Cyber Resilience
Why is Management of Protected NHIs Essential? Protected Non-Human Identities (NHIs) have become a crucial factor for organizations looking to strengthen their cybersecurity framework. Given the surge in hacking attempts and data breaches, it is pertinent to ask, “How crucial…
Ensuring a Safe Environment with Least Privilege
Why Is Least Privilege Fundamental to Creating Safe Environments? Data is the new gold. If data volumes surge, so do cyber threats, making data protection a top priority. The principle of least privilege (POLP) crucially comes to play here. But…
Palantir exec defends company’s immigration surveillance work
One of the founders of startup accelerator Y Combinator offered unsparing criticism this weekend of the controversial data analytics company Palantir, leading a company executive to offer an extensive defense of Palantir’s work. The back-and-forth came after federal filings showed…