Security researchers have uncovered a significant vulnerability in Apache ActiveMQ, a popular open-source message broker used by enterprises to route data between applications. Tracked as CVE-2025-66168, this security flaw allows malicious actors to trigger unexpected broker behavior and potential denial-of-service…
Tag: EN
Transport for London says 2024 breach affected 7M customers, not 5,000
Authority says attackers accessed systems holding data tied to millions of Oyster and contactless users Transport for London has confirmed that a 2024 breach exposed the data of more than 7 million people – a far larger crowd than the…
Cyolo PRO 7.0 expands OT-first secure remote access with AI session intelligence
Cyolo has released Cyolo PRO (Privileged Remote Operations) v7.0, a major update that expands OT-first secure remote access and strengthens protection for critical infrastructure and industrial environments without disrupting operations. Secure remote access (SRA) tools focus primarily on managing access.…
Hexnode IdP brings device-aware authentication and zero trust to enterprise access
Hexnode has announced the launch of Hexnode IdP. By introducing this native identity layer, Hexnode delivers enterprise-grade authentication and identity management within a single, unified framework. While debuting as a dedicated Identity Provider (IdP), the solution marks a significant expansion…
U.S. CISA adds Apple, Rockwell, and Hikvision flaws to its Known Exploited Vulnerabilities catalog
U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds Apple, Rockwell, and Hikvision flaws to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added Apple, Rockwell, and Hikvision flaws to its Known Exploited Vulnerabilities (KEV) catalog. Below are the…
Exploits and vulnerabilities in Q4 2025
This report provides statistical data on published vulnerabilities and exploits we researched during Q4 2025. It also includes summary data on the use of C2 frameworks in APT attacks. This article has been indexed from Securelist Read the original article:…
The Zero-Trust Paradox: Why Email Whitelists are Undoing Millions in Security Investment
Zero-trust collapses when email whitelists create permanent exceptions. Here’s why this hidden risk undermines modern security investments. The post The Zero-Trust Paradox: Why Email Whitelists are Undoing Millions in Security Investment appeared first on Security Boulevard. This article has been…
Cursor Automations turns code review and ops into background tasks
Cursor Automations, the always-on agent platform from Cursor, is expanding with a new generation of autonomous systems that streamline code review, incident response, and other engineering workflows. The platform runs AI agents on schedules or in response to development events.…
FBI Probes Attack On Intelligence Network
FBI says it is responding to cyber-incident reportedly involving system used to manage wiretaps, foreign intelligence surveillance warrants This article has been indexed from Silicon UK Read the original article: FBI Probes Attack On Intelligence Network
Amazon Hit By US E-Commerce Outage
Tens of thousands of users in US report errors, fluctuations in Amazon US e-commerce platform on Thursday This article has been indexed from Silicon UK Read the original article: Amazon Hit By US E-Commerce Outage
AWS-LC Flaw Exposes Amazon Users to Attacks by Bypassing Certificate Chain Validation
Amazon issued a critical security bulletin (2026-005-AWS) detailing three high-severity vulnerabilities in AWS-LC, its open-source cryptographic library. Discovered through a coordinated disclosure process with the AISLE Research Team, these flaws pose a serious risk to cloud infrastructure. Developers rely heavily…
16-28 February 2026 Cyber Attacks Timeline
In the second half of February 2026 I collected 80 events with a threat landscape dominated by malware with 42%, ahead of account takeovers and ransomware. This article has been indexed from HACKMAGEDDON Read the original article: 16-28 February 2026…
Google Confirms 90 Zero-Day Vulnerabilities Actively Exploited in 2025
The Google Threat Intelligence Group (GTIG) released its annual analysis, confirming that 90 zero-day vulnerabilities were actively exploited in the wild throughout 2025. While this marks a slight decrease from the record 100 zero-days in 2023, it represents a noticeable…
Data Security Firm Evervault Raises $25 Million in Series B Funding
The company has raised a total of $46 million in funding for its developer-focused encryption and orchestration platform. The post Data Security Firm Evervault Raises $25 Million in Series B Funding appeared first on SecurityWeek. This article has been indexed…
Collaboration Critical As Geopolitical Pressures, AI Reshape Cybersecurity
Collaboration is more important than ever—and doable—according to the WEF’s Global Security Outlook 2026 report. The post Collaboration Critical As Geopolitical Pressures, AI Reshape Cybersecurity appeared first on Security Boulevard. This article has been indexed from Security Boulevard Read the original article:…
OpenAI’s GPT-5.4 doubles down on safety as competition heats up
In the midst of recent developments and controversies surrounding a contract with the U.S. Department of Defense, OpenAI released the GPT-5.4 model. The release comes at a time when users are reportedly leaving ChatGPT for rival chatbots, particularly Anthropic’s Claude.…
China-Linked Hackers Use TernDoor, PeerTime, BruteEntry in South American Telecom Attacks
A China-linked advanced persistent threat (APT) actor has been targeting critical telecommunications infrastructure in South America since 2024, targeting Windows and Linux systems and edge devices with three different implants. The activity is being tracked by Cisco Talos under the…
Google GTIG: 90 zero-day flaws exploited in 2025 as enterprise targets grow
Google’s GTIG reports 90 zero-day vulnerabilities exploited in the wild in 2025, up from 78 in 2024, with a growing share targeting enterprise systems. Google’s Threat Intelligence Group (GTIG) identified 90 zero-day vulnerabilities exploited in the wild in 2025. While…
Fake CleanMyMac site installs SHub Stealer and backdoors crypto wallets
We uncovered a fake CleanMyMac site delivering SHub Stealer, a macOS infostealer that steals credentials and silently backdoors crypto wallets. This article has been indexed from Malwarebytes Read the original article: Fake CleanMyMac site installs SHub Stealer and backdoors crypto…
Meta Rolls Out Charges For Third-Party Chatbots On WhatsApp
Facebook parent Meta reopens WhatsApp API access to third-party chatbots for fee, seeking to head off EU injunction ordering it to do so This article has been indexed from Silicon UK Read the original article: Meta Rolls Out Charges For…