Stolen Kettering Health data published Reddit sues Anthropic for scraping North Face website customer accounts breached Huge thanks to our sponsor, Conveyor Let me guess, another security questionnaire just landed in your inbox. Which means all the follow up tasks…
How to secure your portable devices against cyberthreats
Portable devices such as smartphones, tablets, and laptops have become integral to our daily routines, storing a wealth of sensitive personal and professional information. As… The post How to secure your portable devices against cyberthreats appeared first on Panda Security…
Hackers Exploit Roundcube Vulnerability to Steal User Credentials via XSS Attack
A recent spearphishing campaign targeting Polish entities has been attributed with high confidence to the UNC1151 threat actor, a group linked to Belarusian state interests and, according to some sources, Russian intelligence services. CERT Polska reports that the attackers leveraged…
Hackers Using New Sophisticated iMessage 0-Click Exploit to Attack iPhone Users
A previously unknown zero-click vulnerability in Apple’s iMessage appears to have been exploited by sophisticated threat actors targeting high-profile individuals across the United States and the European Union. The vulnerability, dubbed “NICKNAME,” affected iOS versions up to 18.1.1 and was…
June 2025 Patch Tuesday forecast: Second time is the charm?
Microsoft has been busy releasing more out-of-band (OOB) patches than usual throughout May. The May Patch Tuesday release of updates was typical in number of vulnerabilities addressed with 41 in both Windows 10 and 11, and their associated servers. They…
Claroty enhances xDome platform with Device Purpose and Risk Benchmarking capabilities
Claroty announced new capabilities in its SaaS-based Claroty xDome platform that provide organizations with an impact-centric view of their CPS environment. The new additions, Device Purpose and Risk Benchmarking, allow users to see how the overall risk of an environment…
Pathlock helps organizations protect their SAP environments from development to deployment
Pathlock announced a major expansion of its SAP cybersecurity offerings, introducing a new portfolio of value-driven and easy-to-deploy SAP cybersecurity solutions, including a Free Edition. Designed to deliver maximum value and fast time-to-protection, the launch marks a significant step toward…
Cyber Extortion, Ukraine’s Cyber Offensive, and Chrome Trust Shake-up
Cybersecurity Today, hosted by Jim Love, delves into the latest in cyber threats. Cyber criminals have breached 20 organizations via convincing fake IT support calls, targeting Salesforce data for extortion. Ukraine’s intelligence claims a significant cyber operation against Russia’s…
Protecting patient data starts with knowing where it’s stored
Patient data is often stored or processed outside the country where it was collected. When that happens, the data falls under the laws of the country where it resides. Depending on those laws, local governments may have legal access to…
Why IAM should be the starting point for AI-driven cybersecurity
In this Help Net Security interview, Benny Porat, CEO at Twine Security, discusses applying AI agents to security decisions. He explains why identity and access management (IAM) is the ideal starting point for both augmentation and automation, and shares advice…
BladedFeline: Whispering in the dark
ESET researchers analyzed a cyberespionage campaign conducted by BladedFeline, an Iran-aligned APT group with likely ties to OilRig This article has been indexed from WeLiveSecurity Read the original article: BladedFeline: Whispering in the dark
IT Security News Hourly Summary 2025-06-06 06h : 2 posts
2 posts were published in the last hour 4:2 : PumaBot: A New Malware That Sneaks into Smart Devices Using Weak Passwords 4:2 : Cerebras Unveils World’s Fastest AI Chip, Beating Nvidia in Inference Speed
Ransomware and USB attacks are hammering OT systems
Ransomware, trojans, and malware delivered through USB devices are putting growing pressure on industrial systems, according to the Honeywell 2025 Cyber Threat Report, which draws on data from monitoring tools deployed across industrial sites around the world. The findings highlight…
AI becomes key player in enterprise ransomware defense
Ransomware breaches continue to rise even as fewer victims pay, according to a Delinea report. 69% of organizations globally have fallen victim to ransomware, with 27% being hit more than once. While only 57% of organizations paid ransoms, down from…
Misconfigured HMIs Expose US Water Systems to Anyone With a Browser
Censys researchers follow some clues and find hundreds of control-room dashboards for US water utilities on the public internet. The post Misconfigured HMIs Expose US Water Systems to Anyone With a Browser appeared first on SecurityWeek. This article has been…
New infosec products of the week: June 6, 2025
Here’s a look at the most interesting products from the past week, featuring releases from Akamai, AttackIQ, Barracuda Networks, Bitdefender, Fortinet, Malwarebytes, and Varonis. Bitdefender unifies security, risk management, and compliance in a single platform Bitdefender announced GravityZone Compliance Manager,…
PumaBot: A New Malware That Sneaks into Smart Devices Using Weak Passwords
A recently found malware called PumaBot is putting many internet-connected devices at risk. This malicious software is designed to attack smart systems like surveillance cameras, especially those that use the Linux operating system. It sneaks in by guessing weak…
Cerebras Unveils World’s Fastest AI Chip, Beating Nvidia in Inference Speed
In a move that could redefine AI infrastructure, Cerebras Systems showcased its record-breaking Wafer Scale Engine (WSE) chip at Web Summit Vancouver, claiming it now holds the title of the world’s fastest AI inference engine. Roughly the size of…
AMOS macOS Stealer Distributed Via Clickfix Bypasses macOS Security & Execute Malware
A sophisticated malware campaign has emerged targeting macOS users through typo-squatted domains mimicking Spectrum, the major U.S. telecommunications provider. The attack employs a new variant of Atomic macOS Stealer (AMOS) disguised as a CAPTCHA verification system, demonstrating cybercriminals’ evolving tactics…
CISA Warns of Chrome 0-Day Vulnerability Exploited in the Wild to Execute Arbitrary Code
CISA has issued an urgent warning about a critical zero-day vulnerability in Google Chrome’s V8 JavaScript engine that is being actively exploited by cybercriminals to execute arbitrary code on victims’ systems. On June 5, 2025, CISA added CVE-2025-5419 to its…
ISC Stormcast For Friday, June 6th, 2025 https://isc.sans.edu/podcastdetail/9482, (Fri, Jun 6th)
This post doesn’t have text content, please click on the link below to view the original article. This article has been indexed from SANS Internet Storm Center, InfoCON: green Read the original article: ISC Stormcast For Friday, June 6th, 2025…
IT Security News Hourly Summary 2025-06-06 03h : 6 posts
6 posts were published in the last hour 1:3 : Upcoming DShield Honeypot Changes and Customizations, (Fri, Jun 6th) 1:3 : The best secure browsers for privacy in 2025: Expert tested 1:3 : DCRat Attacking Users In Latin America To…
Upcoming DShield Honeypot Changes and Customizations, (Fri, Jun 6th)
There are some upcoming DShield honeypot [1] changes that introduce some opportunities for additional customization and data analysis. For most users, no additional actions are needed. A couple of those changes: This article has been indexed from SANS Internet Storm…
The best secure browsers for privacy in 2025: Expert tested
I’ve found the best browsers around that prioritize user security and privacy over revenue through tracking and data collection. This article has been indexed from Latest stories for ZDNET in Security Read the original article: The best secure browsers for…