The French government has criticized Russia’s APT28 group for attacking 12 entities in a long-running espionage campaign This article has been indexed from www.infosecurity-magazine.com Read the original article: France Slams Russia’s APT28 for Four-Year Cyber-Espionage Campaign
Category: EN
China-Linked Hackers Targeting Organizational Infrastructure and High-Value Clients
A leading U.S.-based cybersecurity firm, sophisticated cyber-espionage campaigns attributed to Chinese state-sponsored actors have come to light. Tracked as the PurpleHaze activity cluster, these adversaries have targeted SentinelOne’s infrastructure alongside high-value organizations associated with its business ecosystem. Uncovering the PurpleHaze…
CISA Warns SAP 0-day Vulnerability Exploited in the Wild
CISA has added a critical SAP NetWeaver vulnerability to its Known Exploited Vulnerabilities (KEV) catalog on April 29, 2025. The zero-day flaw, tracked as CVE-2025-31324, carries a maximum CVSS score of 10.0 and has been actively exploited in the wild…
WhatsApp Introduces AI Tools With Promise of Full Message Secrecy
WhatsApp, the world’s largest messaging platform, has announced a major leap in privacy-preserving artificial intelligence (AI) with the introduction of its new “Private Processing” system. This technology enables users to access advanced AI features-such as message summarization and writing suggestions-while…
Hackers Leveraging GetShared to Deploy Malware Bypassing Defenses
Cybercriminals have discovered a new attack vector utilizing the legitimate file-sharing service GetShared to distribute malware and conduct phishing campaigns. This emerging threat allows attackers to circumvent traditional email security measures by exploiting the trusted status of notifications from recognized…
Cloud doesn’t mean secure: How Intruder finds what others miss
A cloud security platform that manages the attack surface and security vulnerabilities in AWS Sponsored post You’d be naïve to believe that the cloud is secure by default, and while most hosting services provide basic defenses, it’s not always clear…
AirPlay Vulnerabilities Expose Apple Devices to Zero-Click Takeover
Vulnerabilities in Apple’s AirPlay protocol could have allowed attackers to execute code remotely without user interaction. The post AirPlay Vulnerabilities Expose Apple Devices to Zero-Click Takeover appeared first on SecurityWeek. This article has been indexed from SecurityWeek Read the original…
Securonix brings autonomous decision-making to security operations
Securonix announced the next phase of Securonix EON, introducing modular GenAI Agents. These specialized, decision-capable agents are designed to perform high-impact jobs to be done (JTBD) across the threat detection, investigation, and response (TDIR) lifecycle. These intelligent security agents represent…
Skyhigh Security adds data protection solutions for Microsoft Copilot and ChatGPT Enterprise
Skyhigh Security announced the expansion of its Skyhigh AI offering to include additional data protection solutions for Copilot for Microsoft 365 and ChatGPT Enterprise. This development follows the company’s earlier introduction of Skyhigh AI, an advanced suite of AI-powered capabilities…
Docker Registry Vulnerability Lets macOS Users Access Any Registry Without Authorization
A recently discovered vulnerability in Docker Desktop for macOS is raising concerns in the developer and security communities. The flaw, which stems from the improper application of Registry Access Management (RAM) policies under certain conditions, could allow unauthorized access to potentially malicious…
This month in security with Tony Anscombe – April 2025 edition
From the near-demise of MITRE’s CVE program to a report showing that AI outperforms elite red teamers in spearphishing, April 2025 was another whirlwind month in cybersecurity This article has been indexed from WeLiveSecurity Read the original article: This month…
Chrome 136, Firefox 138 Patch High-Severity Vulnerabilities
Chrome 136 and Firefox 138 were released in the stable channel with patches for multiple high-severity vulnerabilities. The post Chrome 136, Firefox 138 Patch High-Severity Vulnerabilities appeared first on SecurityWeek. This article has been indexed from SecurityWeek Read the original…
Torii launches agentic SaaS Management Platform
Torii unveiled Torii Eko, an agentic SaaS Management Platform, ushering in a new era of AI-powered execution for modern software management. Torii Eko includes three intelligent in-platform agents: Eko Assist, available now; and Eko Insight and Eko Act, both coming…
Arkose Labs launches Edge and Scraping Protection to secure enterprise digital borders
Arkose Labs has announced the expansion of its security portfolio with two new offerings: Arkose Edge and Arkose Scraping Protection. These innovations address the growing challenges large enterprises face in securing their complex digital perimeters and protecting valuable content from…
Meta Launches LlamaFirewall Framework to Stop AI Jailbreaks, Injections, and Insecure Code
Meta on Tuesday announced LlamaFirewall, an open-source framework designed to secure artificial intelligence (AI) systems against emerging cyber risks such as prompt injection, jailbreaks, and insecure code, among others. The framework, the company said, incorporates three guardrails, including PromptGuard 2,…
Verizon 2025 Report Alarming Rise in Cyberattacks Via Third-Parties
Verizon Business recently released its 2025 Data Breach Investigations Report (DBIR), revealing a disturbing trend in the cybersecurity landscape: third-party involvement in data breaches has doubled to 30% over the past year, creating unprecedented challenges for organizations worldwide. This significant…
Avast Antivirus Vulnerability Let Attackers Escalate Privileges
Security researchers have disclosed a critical vulnerability in Avast Free Antivirus that could allow attackers to gain elevated system privileges and execute malicious code with kernel-level access. The vulnerability, tracked as CVE-2025-3500, received a high CVSS score of 8.8 and…
Saviynt ISPM provides insights into an organization’s identity and access posture
Saviynt launched AI-powered Identity Security Posture Management (ISPM) as part of its converged Identity Cloud platform. Saviynt’s ISPM provides actionable insights into an organization’s identity and access posture, offering an intelligent starting point to prioritizing and remediating risks. “As GE…
Apple Airplay-Enabled Devices Can Be Hacked, Google tracked 75 zero days, France ties Russian APT28 hackers to 12 cyberattacks
Millions of Apple Airplay-Enabled Devices Can Be Hacked via Wi-Fi Google tracked 75 zero days exploited in the wild in 2024 France ties Russian APT28 hackers to 12 cyberattacks on French orgs Thanks to today’s episode sponsor, ThreatLocker ThreatLocker®…
Almost half of US teenagers think social media negatively impacts their peers
In a recent Pew Research report “Teens, Social Media and Mental Health”, teen participants confirmed that almost half of them think that social media negatively impacts… The post Almost half of US teenagers think social media negatively impacts their peers appeared…