Tag: EN

Veza Extends Reach to Secure and Govern AI Agents

Veza has added a platform to its portfolio that is specifically designed to secure and govern artificial intelligence (AI) agents that might soon be strewn across the enterprise. Currently in the process of being acquired by ServiceNow, the platform is…

Read more →

From Open Source to OpenAI: The Evolution of Third-Party Risk

From open source libraries to AI-powered coding assistants, speed-driven development is introducing new third-party risks that threat actors are increasingly exploiting. The post From Open Source to OpenAI: The Evolution of Third-Party Risk appeared first on SecurityWeek. This article has…

Read more →

How test data generators support compliance and data privacy

Whether you’re generating data from scratch or transforming sensitive production data, performant test data generators are critical tools for achieving compliance in development workflows. The post How test data generators support compliance and data privacy appeared first on Security Boulevard.…

Read more →

Android vs. iPhone: Which one is more secure?

<p>Android and iOS devices differ in a few ways, and security is one area where these differences affect organizations most.</p> <p>The choice between iPhones and Android devices has long been an issue of debate among IT departments looking to ensure…

Read more →

SantaStealer Joins the Naughty List of New Infostealers

SantaStealer is a new malware-as-a-service infostealer that steals credentials and data using largely in-memory techniques. The post SantaStealer Joins the Naughty List of New Infostealers appeared first on eSecurity Planet. This article has been indexed from eSecurity Planet Read the…

Read more →

Güralp Systems Fortimus Series, Minimus Series, and Certimus Series

View CSAF Summary Successful exploitation of this vulnerability could allow an attacker to cause a denial-of-service condition. The following versions of Güralp Systems Fortimus Series, Minimus Series, and Certimus Series are affected: Fortimus Series (CVE-2025-14466) Minimus Series (CVE-2025-14466) Certimus Series…

Read more →

Johnson Controls PowerG, IQPanel and IQHub

View CSAF Summary Successful exploitation of these vulnerabilities could allow an attacker to read or write encrypted traffic or perform a replay attack. The following versions of Johnson Controls PowerG, IQPanel and IQHub are affected: PowerG (CVE-2025-61738, CVE-2025-61739, CVE-2025-26379, CVE-2025-61740)…

Read more →

Hitachi Energy AFS, AFR and AFF Series

View CSAF Summary Successful exploitation of this vulnerability could compromise the integrity of the product data and disrupt its availability. The following versions of Hitachi Energy AFS, AFR and AFF Series are affected: AFS 660-B/C/S (CVE-2024-3596) AFS 665-B/S (CVE-2024-3596) AFS…

Read more →

Mitsubishi Electric GT Designer3

View CSAF Summary Successful exploitation of this vulnerability could allow an attacker obtain plaintext credentials from the project file for GT Designer3, which could result in illegally operating GOT2000 and GOT1000 series devices. The following versions of Mitsubishi Electric GT…

Read more →

CISA Releases Seven Industrial Control Systems Advisories

CISA released seven Industrial Control Systems (ICS) Advisories. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS.  ICSA-25-350-01 Güralp Systems FMUS (Fortimus) Series and MIN (Minimus) Series ICSA-25-350-02 Johnson Controls PowerG, IQPanel and IQHub ICSA-25-350-03…

Read more →

Compromised IAM Credentials Power a Large AWS Crypto Mining Campaign

An ongoing campaign has been observed targeting Amazon Web Services (AWS) customers using compromised Identity and Access Management (IAM) credentials to enable cryptocurrency mining. The activity, first detected by Amazon’s GuardDuty managed threat detection service and its automated security monitoring…

Read more →