Collaborative tools are really popular these days. Since the COVID-19 pandemic, many people switched to remote work positions and we need to collaborate with our colleagues or customers every day. Tools like Microsoft Teams, Zoom, WebEx, (name your best solution),…
Category: EN
ColoCrossing – 7,183 breached accounts
In May 2025, hosting provider ColoCrossing identified a data breach that impacted customers of their ColoCloud virtual server product. ColoCrossing advised the incident was isolated to their cloud/VPS platform and stemmed from a single sign-on vulnerability. 7k email addresses were…
AI kept 15-year-old zombie vuln alive, but its time is drawing near
Researchers have come up with a fix for a path traversal bug first spotted in 2010 A security bug that surfaced fifteen years ago in a public post on GitHub has survived developers’ attempts on its life.… This article has…
Vodafone Germany Fined $51 Million Over Privacy, Security Failures
Germany fined Vodafone $51 million for failing to protect user data from partners and unauthorized third-parties. The post Vodafone Germany Fined $51 Million Over Privacy, Security Failures appeared first on SecurityWeek. This article has been indexed from SecurityWeek Read the…
Addressing API Security with NIST SP 800-228
According to the Wallarm Q1 2025 ThreatStats report, 70% of all application attacks target APIs. The industry can no longer treat API security as a sidenote; it’s time to treat it as the main event. NIST seems to be on…
35,000 Solar Power Systems Exposed To Internet Are Vulnerable To Cyberattacks
A comprehensive cybersecurity investigation has revealed alarming vulnerabilities in the rapidly expanding solar energy infrastructure, with nearly 35,000 solar power devices found exposed to internet-based attacks across 42 vendors worldwide. The discovery underscores growing security concerns as renewable energy systems…
Meta open-sources AI tool to automatically classify sensitive documents
Meta has released an open source AI tool called Automated Sensitive Document Classification. It was originally built for internal use and is designed to find sensitive information in documents and apply security labels automatically. The tool uses customizable classification rules…
FortiMail Workspace Security expands protection beyond email to web and collaboration tools
Fortinet has enhanced its data and productivity security portfolio, expanding FortiMail with the launch of the FortiMail Workspace Security suite. These new capabilities extend protection not only to email but also to browser and collaboration security. These advancements, combined with new…
Critical Cisco ISE Auth Bypass Flaw Impacts Cloud Deployments on AWS, Azure, and OCI
Cisco has released security patches to address a critical security flaw impacting the Identity Services Engine (ISE) that, if successfully exploited, could allow unauthenticated actors to carry out malicious actions on susceptible systems. The security defect, tracked as CVE-2025-20286, carries…
Law enforcement seized the carding marketplace BidenCash
U.S. and Dutch authorities took down 145 domains tied to the BidenCash cybercrime marketplace in a coordinated law enforcement operation. The US DoJ announced the seizure of approximately 145 darknet and clear web domains, and cryptocurrency funds associated with the…
The cloud security crisis no one’s talking about
Security teams are overwhelmed by a flood of alerts, most of which lack the context needed to accurately assess and espond to threats, according to ARMO. Respondents report receiving an average of 4,080 security alerts per month – or 136…
APT37 Hackers Mimic Academic Forum Invites To Deliver Malicious LNK Files Via Dropbox Platform
The North Korea-linked APT37 threat group has launched a sophisticated spear phishing campaign targeting South Korean activists and researchers focused on North Korean affairs, employing deceptive academic forum invitations to distribute malicious shortcut files through cloud-based infrastructure. The campaign, which…
China accuses Taiwan of running five feeble APT gangs, with US help
The authors who claimed America hacked itself to discredit Beijing are back with another report Beijing complains it’s under relentless attack by the equivalent of an ant trying to shake a tree China’s National Computer Virus Emergency Response Center on…
NPM Developers Targeted: Fake Packages Secretly Collecting Personal Data
Security experts are warning people who use NPM — a platform where developers share code — to be careful after finding several fake software packages that secretly collect information from users’ computers. The cybersecurity company Socket found around 60…
Google survey shows Americans are changing how they fight scams
If it seems like scams are popping up everywhere lately, you’re not wrong. A new survey from Google shows most Americans feel the same, and they’re starting to change how they handle things online because of it. But different age…
Healthcare organizations are at a turning point with AI
32% of healthcare executives say their organization suffered a breach in the past 12 months, and 46% say they are experiencing a higher volume of attacks, according to LevelBlue. AI brings hope and concern As AI promises healthcare organizations efficiency,…
Why SAP security updates are a struggle for large enterprises
In this Help Net Security video, Jonathan Stross, SAP Security Analyst at Pathlock, examines why managing SAP security updates is so complex for enterprises. From highly customized, interconnected environments to the pressure of real-time patching, Strauss highlights why keeping SAP…
New Malware Attack Deploys Malicious Chrome & Edge Extensions To Steal Sensitive Data
Cybersecurity researchers have uncovered a sophisticated malware campaign targeting Brazilian users through malicious browser extensions designed to steal sensitive banking credentials and financial data. The operation, dubbed “Operation Phantom Enigma,” represents a significant escalation in banking trojans’ evolution, utilizing browser…
What the Arc Browser Story Reveals About the Future of Browser Security
By Dakshitaa Babu, Security Researcher, SquareX In a candid letter that Joshua Miller, CEO of Arc Browser, wrote to the community, he revealed a truth the tech industry has been dancing around: “the dominant operating system on desktop wasn’t Windows…
Meta, Yandex Covertly Tracked Billions of Android Users, According to Researcher
A report highlights how Meta and Yandex bypassed privacy and security controls to implement web-to-app tracking on Android users. This article has been indexed from Security | TechRepublic Read the original article: Meta, Yandex Covertly Tracked Billions of Android Users,…