Atlassian has released software updates for Bamboo, Bitbucket, Confluence, Crowd, Fisheye/Crucible, and Jira. The post Atlassian Patches Critical Apache Tika Flaw appeared first on SecurityWeek. This article has been indexed from SecurityWeek Read the original article: Atlassian Patches Critical Apache…
Category: securityweek
700Credit Data Breach Impacts 5.8 Million Individuals
Hackers stole names, addresses, dates of birth, and Social Security numbers from the credit report and identity verification services provider. The post 700Credit Data Breach Impacts 5.8 Million Individuals appeared first on SecurityWeek. This article has been indexed from SecurityWeek…
Apple Patches Two Zero-Days Tied to Mysterious Exploited Chrome Flaw
Apple has released macOS and iOS updates to patch two WebKit zero-days exploited in an “extremely sophisticated” attack. The post Apple Patches Two Zero-Days Tied to Mysterious Exploited Chrome Flaw appeared first on SecurityWeek. This article has been indexed from…
In Other News: PromptPwnd Attack, macOS Bounty Complaints, Chinese Hackers Trained in Cisco Academy
Other noteworthy stories that might have slipped under the radar: Pentagon orders accelerated move to PQC, US shuts down scheme to smuggle GPUs to China, DroidLock Android ransomware. The post In Other News: PromptPwnd Attack, macOS Bounty Complaints, Chinese Hackers…
In Other News: PromptPwnd Attack, Small macOS Bounties, Chinese Hackers Trained in Cisco Academy
Other noteworthy stories that might have slipped under the radar: Pentagon orders accelerated move to PQC, US shuts down scheme to smuggle GPUs to China, DroidLock Android ransomware. The post In Other News: PromptPwnd Attack, Small macOS Bounties, Chinese Hackers…
Gladinet CentreStack Flaw Exploited to Hack Organizations
Threat actors have hacked at least nine organizations by exploiting the recently patched Gladinet CentreStack flaw. The post Gladinet CentreStack Flaw Exploited to Hack Organizations appeared first on SecurityWeek. This article has been indexed from SecurityWeek Read the original article:…
Fieldtex Data Breach Impacts 238,000
The Akira ransomware group took credit for the Fieldtex Products hack in November, claiming to have stolen 14 Gb of data. The post Fieldtex Data Breach Impacts 238,000 appeared first on SecurityWeek. This article has been indexed from SecurityWeek Read…
Recent GeoServer Vulnerability Exploited in Attacks
Because user input is not sufficiently sanitized, attackers could exploit the flaw to define external entities within an XML request. The post Recent GeoServer Vulnerability Exploited in Attacks appeared first on SecurityWeek. This article has been indexed from SecurityWeek Read…
MITRE Releases 2025 List of Top 25 Most Dangerous Software Vulnerabilities
XSS remains the top software weakness, followed by SQL injection and CSRF. Buffer overflow issues and improper access control make it to top 25. The post MITRE Releases 2025 List of Top 25 Most Dangerous Software Vulnerabilities appeared first on…
$320,000 Paid Out at Zeroday.Cloud for Open Source Software Exploits
Participants earned rewards at the hacking competition for Grafana, Linux Kernel, Redis, MariaDB, and PostgreSQL vulnerabilities. The post $320,000 Paid Out at Zeroday.Cloud for Open Source Software Exploits appeared first on SecurityWeek. This article has been indexed from SecurityWeek Read…
Notepad++ Patches Updater Flaw After Reports of Traffic Hijacking
Notepad++ found a vulnerability in the way the software updater authenticates update files. The post Notepad++ Patches Updater Flaw After Reports of Traffic Hijacking appeared first on SecurityWeek. This article has been indexed from SecurityWeek Read the original article: Notepad++…
Microsoft Bug Bounty Program Expanded to Third-Party Code
All critical vulnerabilities in Microsoft, third-party, and open source code are eligible for rewards if they impact Microsoft services. The post Microsoft Bug Bounty Program Expanded to Third-Party Code appeared first on SecurityWeek. This article has been indexed from SecurityWeek…
Trump Signs Executive Order to Block State AI Regulations
Members of Congress from both parties have pushed for more regulations on AI, saying there is not enough oversight for the powerful technology. The post Trump Signs Executive Order to Block State AI Regulations appeared first on SecurityWeek. This article…
Virtual Event Today: Cyber AI & Automation Summit Day 2
Day two of the Cyber AI & Automation Summit kicks off at 11AM ET. If you weren’t able to attend yesterday, all Day One sessions are already available on-demand. The post Virtual Event Today: Cyber AI & Automation Summit Day…
Former Accenture Employee Charged Over Cybersecurity Fraud
Danielle Hillmer allegedly concealed the fact that her employer’s cloud platform did not meet DoD requirements. The post Former Accenture Employee Charged Over Cybersecurity Fraud appeared first on SecurityWeek. This article has been indexed from SecurityWeek Read the original article:…
MITRE Posts Results of 2025 ATT&CK Enterprise Evaluations
Eleven companies took part in the evaluations and several have boasted 100% detection and coverage rates. The post MITRE Posts Results of 2025 ATT&CK Enterprise Evaluations appeared first on SecurityWeek. This article has been indexed from SecurityWeek Read the original…
IBM Patches Over 100 Vulnerabilities
Most of the 100 vulnerabilities resolved this week, including critical flaws, were in third-party dependencies. The post IBM Patches Over 100 Vulnerabilities appeared first on SecurityWeek. This article has been indexed from SecurityWeek Read the original article: IBM Patches Over…
Unpatched Gogs Zero-Day Exploited for Months
The exploited flaw allows attackers to overwrite files outside the repository, leading to remote code execution. The post Unpatched Gogs Zero-Day Exploited for Months appeared first on SecurityWeek. This article has been indexed from SecurityWeek Read the original article: Unpatched…
Wide Range of Malware Delivered in React2Shell Attacks
Cybersecurity companies have been seeing a wide range of malware being delivered in attacks exploiting the critical React vulnerability dubbed React2Shell. A researcher discovered recently that React, the popular open source library for creating application user interfaces, is affected by…
Pierce County Library Data Breach Impacts 340,000
In April 2025, hackers stole personal information belonging to patrons and employees and their family members. The post Pierce County Library Data Breach Impacts 340,000 appeared first on SecurityWeek. This article has been indexed from SecurityWeek Read the original article:…