Menlo Park, California, USA, 17th November 2025, CyberNewsWire This article has been indexed from Hackread – Cybersecurity News, Data Breaches, Tech, AI, Crypto and More Read the original article: Frentree Partners with AccuKnox to Expand Zero Trust CNAPP Security in…
Category: EN
Best-in-Class GenAI Security: When CloudGuard WAF Meets Lakera
Artificial intelligence is transforming every business process. From automating customer support to enabling autonomous decision-making, enterprises are rapidly embedding large language models (LLMs), generative AI, and intelligent agents into their core workflows. While AI accelerates innovation, it also expands the…
Critical RCE Vulnerabilities in AI Inference Engines Exposes Meta, Nvidia and Microsoft Frameworks
As artificial intelligence infrastructure rapidly expands, critical security flaws threaten the backbone of enterprise AI deployments. Security researchers at Oligo Security have uncovered a series of dangerous Remote Code Execution (RCE) vulnerabilities affecting major AI frameworks from Meta, NVIDIA, Microsoft,…
EVALUSION Campaign Using ClickFix Technique to deploy Amatera Stealer and NetSupport RAT
In November 2025, a new malware campaign emerged that combines social engineering tricks with advanced stealing tools. The attack starts when criminals trick users into running commands through the Windows Run window, a technique known as ClickFix. Once users follow…
CISA Warns of Fortinet FortiWeb WAF Vulnerability Exploited in the Wild to Gain Admin Access
CISA has issued an urgent alert about a critical vulnerability in Fortinet’s FortiWeb Web Application Firewall (WAF), actively exploited by threat actors to seize administrative control of affected systems. Tracked as CVE-2025-64446, the flaw stems from a relative path traversal…
Hackers Leverages Microsoft Entra Tenant Invitations to Launch TOAD Attacks
A new phishing campaign has emerged that weaponizes Microsoft Entra guest user invitations to deceive recipients into making phone calls to attackers posing as Microsoft support. The attack leverages a critical security gap in how Microsoft Entra communicates with external…
Synack unveils Sara Pentest to accelerate scalable AI-driven penetration testing
Synack has announced Sara Pentest, a new agentic AI product built on the Synack Autonomous Red Agent (Sara) architecture. Sara Pentest performs penetration testing on hosts and web applications, speeding up vulnerability detection and remediation and reducing the window of…
Dragon Breath Deploys Roninloader Ghosts
The cyber threat actor known as Dragon Breath is actively using a multi-stage loader, dubbed RONINGLOADER, to deliver a customized version of the Gh0st RAT The post Dragon Breath Deploys Roninloader Ghosts first appeared on CyberMaterial. This article has been…
Windows 10 Update Error 800f0922
Microsoft has acknowledged and is actively investigating a significant installation issue affecting the first Windows 10 Extended Security Update The post Windows 10 Update Error 800f0922 first appeared on CyberMaterial. This article has been indexed from CyberMaterial Read the original…
Checkoutcom Rejects Hackers After Breach
Global payment processing firm Checkout, which operates checkout.com, recently disclosed a data breach orchestrated by the notorious cybercrime group The post Checkoutcom Rejects Hackers After Breach first appeared on CyberMaterial. This article has been indexed from CyberMaterial Read the original…
EchoGram Flaw Bypasses Guardrails in Major LLMs
HiddenLayer reveals the EchoGram vulnerability, which bypasses safety guardrails on GPT-5.1 and other major LLMs, giving security teams just a 3-month head start. This article has been indexed from Hackread – Cybersecurity News, Data Breaches, Tech, AI, Crypto and More…
Iran-Linked SpearSpecter Campaign Leveraging Personalized Social Engineering Against High-Value Officials
Iranian threat actors aligned with the Islamic Revolutionary Guard Corps Intelligence Organization (IRGC-IO) are conducting a sophisticated espionage campaign tracked as SpearSpecter, systematically targeting high-value senior defense and government officials through personalized social engineering tactics. The threat group, operating under…
Critical RCE Flaws in AI Inference Engines Expose Meta, Nvidia, and Microsoft Frameworks
Security researchers at Oligo Security have uncovered a series of critical Remote Code Execution vulnerabilities affecting widely deployed AI inference servers from major technology companies. The flaws affect frameworks developed by Meta, NVIDIA, Microsoft, and open-source projects such as vLLM,…
IBM AIX Flaw Allows Remote Attackers to Run Arbitrary Commands
IBM has released critical security updates addressing four severe vulnerabilities in AIX and VIOS systems that could allow remote attackers to execute arbitrary commands, steal credentials, and traverse system directories. The vulnerabilities affect multiple AIX versions and require immediate patching.…
EVALUATION Campaign Using ClickFix Technique to Deploy Amatera Stealer and NetSupport RAT
eSentire’s Threat Response Unit (TRU) has uncovered a sophisticated malware campaign leveraging the ClickFix social engineering technique to distribute Amatera Stealer and NetSupport RAT, targeting cryptocurrency wallets, password managers, and sensitive credentials across multiple platforms. In November 2025, security researchers…
Surveillance tech provider Protei was hacked, its data stolen and its website defaced
The defacement of Protei’s website said “another DPI/SORM provider bites the dust,” apparently referring to the company selling its web intercept and surveillance products to phone and internet providers. This article has been indexed from Security News | TechCrunch Read…
Tech Park Operation in Bengaluru Uncovered in Cross-Border Malware Sca
The Bengaluru police have made a major breakthrough in their fight against a far-reaching cybercrime syndicate that was operating inside one of the city’s bustling technology parks by uncovering and dismantling an alleged tech-support fraud operation that was operating…
Investment Scams Surge Across the US as Fraudsters Exploit Social Media, Texts, and Crypto Boom
If you’ve ever received a random “Hi, how are you?” message from a stranger on text or social media, it may not be an accident. While sometimes harmless, these unexpected greetings are increasingly being used by cybercriminals attempting to…
Tesla’s Humanoid Bet: Musk Pins Future on Optimus Robot
Elon Musk envisions human-shaped robots, particularly the Optimus humanoid, as a pivotal element in Tesla’s future AI and robotics landscape, aiming to revolutionize both industry and daily life. Musk perceives these robots not merely as automated tools but as…
5 Reasons Why Attackers Are Phishing Over LinkedIn
Phishing attacks are no longer confined to the email inbox, with 1 in 3 phishing attacks now taking place over non-email channels like social media, search engines, and messaging apps. LinkedIn in particular has become a hotbed for phishing attacks,…