A vulnerability in O2’s implementation of the IMS standard resulted in user location data being exposed in network responses. The post O2 Service Vulnerability Exposed User Location appeared first on SecurityWeek. This article has been indexed from SecurityWeek Read the…
Category: EN
CloudSEK Raises $19 Million for Threat Intelligence Platform
Threat protection and intelligence firm CloudSEK raises $19 million in funding from new and existing investors. The post CloudSEK Raises $19 Million for Threat Intelligence Platform appeared first on SecurityWeek. This article has been indexed from SecurityWeek Read the original…
Duping Cloud Functions: An emerging serverless attack vector
Cisco Talos built on Tenable’s discovery of a Google Cloud Platform vulnerability to uncover how attackers could exploit similar techniques across AWS and Azure. This article has been indexed from Cisco Talos Blog Read the original article: Duping Cloud Functions:…
New Nitrogen Ransomware Targets Financial Firms in the US, UK and Canada
Nitrogen, a ransomware strain, has emerged as a major threat to organizations worldwide, with a particular focus on… This article has been indexed from Hackread – Latest Cybersecurity, Hacking News, Tech, AI & Crypto Read the original article: New Nitrogen…
Windows 11 Privilege Escalation Vulnerability Let Attackers Gain Admin Access in Under 300 Milliseconds
Security researchers have uncovered a critical vulnerability in Windows 11 that allowed attackers to escalate privileges from a standard user to system-level administrator in just 300 milliseconds. The flaw, tracked as CVE-2025-24076, has been patched by Microsoft but represents a…
How IoT Security Cameras Are Susceptible to Cyber Attacks
The proliferation of Internet of Things (IoT) devices – more specifically, security cameras – has forced organizations to rethink how they protect their physical hardware. Security cameras represent some of the most common IoT devices installed in business and commercial…
Government Organizations Lose Nearly a Month in Downtime for Every Ransomware Attack
Recent research by Comparitech reveals the shocking truth about ransomware attacks on government entities; they have a longer impact than anyone thought. Tracking over 1100 government-targeted ransomware attacks over a period of six years, researchers discovered that each day of…
UK’s Legal Aid Agency discloses a data breach following April cyber attack
The UK’s Legal Aid Agency suffered a cyberattack in April and has now confirmed that sensitive data was stolen during the incident. The Legal Aid Agency (LAA) revealed that it had suffered a cyberattack on its systems on April 23. …
Intruder vs. Pentest Tools vs. Attaxion: Selecting The Right Security Tool
While no one is immune to cyber threats, smaller organizations with very limited security budgets face the task of managing risks and implementing timely remediation very often without the resources to buy and maintain multiple tools. Security teams protecting these…
Microsoft Releases Emergency Fix for BitLocker Recovery Issue
Microsoft has released an emergency out-of-band update (KB5061768) to address a critical issue causing Windows 10 systems to boot into BitLocker recovery screens following the installation of the May 2025 security updates. The fix, released on May 19, comes after…
Madhu Gottumukkala Officially Announced as CISA Deputy Director
New CISA Deputy Director Madhu Gottumukkala has joined the agency from South Dakota’s Bureau of Information and Technology. The post Madhu Gottumukkala Officially Announced as CISA Deputy Director appeared first on SecurityWeek. This article has been indexed from SecurityWeek Read…
The Windows Subsystem for Linux goes open source
Microsoft has officially open-sourced the Windows Subsystem for Linux (WSL), closing the very first issue ever filed on the Microsoft/WSL GitHub repository: “Will this be open source?” WSL allows developers to run unmodified Linux command-line tools, utilities, and applications directly…
Chinese Hackers Deploy MarsSnake Backdoor in Multi-Year Attack on Saudi Organization
Threat hunters have exposed the tactics of a China-aligned threat actor called UnsolicitedBooker that targeted an unnamed international organization in Saudi Arabia with a previously undocumented backdoor dubbed MarsSnake. ESET, which first discovered the hacking group’s intrusions targeting the entity…
Italy Fines Replika AI Maker £4m Over Child Safety
Italian data regulator fines Luka, developer of Replika AI ‘virtual friend’, 5m euros for failure to prevent children from using service This article has been indexed from Silicon UK Read the original article: Italy Fines Replika AI Maker £4m Over…
AMD Sells ZT’s AI Server Manufacturing Unit To Sanmina
Sanmina to buy ZT Systems AI cloud server manufacturing business from AMD as company builds up US-based supply chain This article has been indexed from Silicon UK Read the original article: AMD Sells ZT’s AI Server Manufacturing Unit To Sanmina
Microsoft Issues Urgent Patch to Resolve BitLocker Recovery Problem
Microsoft has released an emergency update to address a critical issue affecting Windows 10 devices with specific Intel processors. The update (KB5061768) fixes a problem introduced in the May 13, 2025 security update that was causing unexpected system failures and…
O2 VoLTE Flaw Allows Tracking of Customers’ Locations Through Phone Calls
Significant privacy vulnerability in O2 UK’s Voice over LTE (VoLTE) implementation was recently discovered, allowing any caller to access precise location data of call recipients. The security flaw, which exposed sensitive information through IMS (IP Multimedia Subsystem) signaling messages, has…
Half of Consumers Targeted by Social Media Fraud Ads
Around half of US and UK consumers have seen fraud ads and content on ‘refund hacks’ on social media This article has been indexed from www.infosecurity-magazine.com Read the original article: Half of Consumers Targeted by Social Media Fraud Ads
Malicious npm Package in Koishi Chatbots Steals Sensitive Data in Real Time
Socket’s Threat Research Team has uncovered a dangerous npm package named koishi-plugin-pinhaofa, masquerading as a spelling-autocorrect helper for Koishi chatbots. Marketed innocently, this plugin embeds a insidious data-exfiltration backdoor that scans every incoming message for an eight-character hexadecimal string a…
Virgin Media O2 patches hole that let callers snoop on your coordinates
Researcher finds VoLTE metadata could be used to locate users within 100 meters UK telco Virgin Media O2 has fixed an issue with its 4G Calling feature that allowed users’ general location to be discerned by those who called them.……