A recently discovered vulnerability in Apache SkyWalking, a popular application performance monitoring tool, could allow attackers to execute malicious scripts and launch cross-site scripting (XSS) attacks. The flaw, identified as CVE-2025-54057, affects all versions of SkyWalking up to 10.2.0. CVE…
Tag: EN
OpenAI Reveals Mixpanel Data Breach Exposing User Details
OpenAI has publicly disclosed a security incident involving a data breach at Mixpanel, a third-party analytics provider previously used by the company for monitoring usage on its API platform. The breach exposed limited but sensitive user information, including names, email…
Crypto Exchange Upbit Suffers Security Breach After $10B Deal
The timing is awful. The breach occurred just hours after its parent company, Dunamu Inc., unveiled a massive $10.3 billion takeover by tech giant Naver Corp. The post Crypto Exchange Upbit Suffers Security Breach After $10B Deal appeared first on…
When Buyers Discount MSPs With One Big Customer
Your biggest customer loves you. Three years together. They trust you, pay on time, and refer others. From where you sit, that’s loyalty. From where a buyer sits, that’s a $$$ discount on your exit. This perception gap kills more…
Waymo Robotaxi Films Deadly San Francisco Shooting
A Waymo autonomous vehicle may have captured video footage of a fatal shooting incident in San Francisco’s Mission neighborhood over the weekend, highlighting the emerging role of self-driving cars as potential witnesses in criminal investigations. The incident resulted in one…
Russian-Linked Surveillance Tech Firm Protei Hacked, Website Defaced and Data Published
A telecommunications technology provider with ties to Russian surveillance infrastructure has reportedly suffered a major cybersecurity breach. The company, Protei, which builds systems used by telecom providers to monitor online activity and restrict access to websites and platforms, had…
Detego DFIR Platform centralizes evidence, workflows, and real-time case insights
Detego Global has announced the launch of Detego Case Manager for DFIR, a purpose-built platform designed to meet the evolving demands of digital forensics and incident response (DFIR) teams. Developed in close collaboration with investigative professionals, Detego Case Manager for…
Openai User Data Exposed In Mixpanel Hack
Product analytics and event-tracking solutions provider Mixpanel recently disclosed a security incident that they detected on November 8. The post Openai User Data Exposed In Mixpanel Hack first appeared on CyberMaterial. This article has been indexed from CyberMaterial Read the…
Amazon Uses AI Agents For Bug Hunting
Generative AI is simultaneously speeding up software development and empowering digital attackers, placing immense pressure on technology The post Amazon Uses AI Agents For Bug Hunting first appeared on CyberMaterial. This article has been indexed from CyberMaterial Read the original…
Hackers Use Blender Assets To Spread StealC
An ongoing malicious operation, active for a minimum of six months, has been utilizing Blender Foundation files to deliver the StealC V2 information stealer. The post Hackers Use Blender Assets To Spread StealC first appeared on CyberMaterial. This article has…
AI Security Firm Vijil Raises 17 Million
Cybersecurity firm Vijil has successfully completed a Series A funding round, raising $17 million. This investment brings the company’s total funding The post AI Security Firm Vijil Raises 17 Million first appeared on CyberMaterial. This article has been indexed from…
Toddycat Tools Steal Outlook And M365 Data
The hacking group ToddyCat, active since 2020, has a documented history of targeting various organizations across Europe and Asia. The post Toddycat Tools Steal Outlook And M365 Data first appeared on CyberMaterial. This article has been indexed from CyberMaterial Read…
UK Budget 2025: Reactions From Tech Leaders
While many leaders welcome fresh commitments to AI infrastructure and innovation, others warn about limited investment and a lack of cyber resilience. The post UK Budget 2025: Reactions From Tech Leaders appeared first on TechRepublic. This article has been indexed…
Cyberattack on Multiple London Councils Exposes Fragility of Shared Public-Sector Systems
Several major London boroughs, including Westminster, Kensington and Chelsea, and Hammersmith & Fulham, are facing serious disruption after a cyberattack crippled key IT systems, preventing residents from accessing frontline services and raising fears of data exposure, according to reports. While…
Hackers Actively Exploiting IoT Vulnerabilities to Deploy New ShadowV2 Malware
During late October 2025, a new malware campaign dubbed ShadowV2 emerged, coinciding with a global AWS disruption. This sophisticated threat actively exploits vulnerabilities in IoT devices to assemble a botnet for distributed denial-of-service (DDoS) attacks. The malware’s rapid deployment indicates…
Gitlab Patches Multiple Vulnerabilities that Enable Authentication Bypass and DoS Attacks
GitLab has released critical security updates for its Community Edition (CE) and Enterprise Edition (EE) to address multiple high-severity vulnerabilities. The patches, rolled out in versions 18.6.1, 18.5.3, and 18.4.5, fix security flaws that could allow attackers to bypass authentication, steal user credentials,…
North Korean Hackers Exploiting npm, GitHub, and Vercel to Deliver OtterCookie Malware
A major security threat has emerged targeting software developers worldwide. North Korean state-sponsored threat actors, operating under the “Contagious Interview” campaign, are systematically spreading malicious packages across npm, GitHub, and Vercel infrastructure to deliver OtterCookie malware. This sophisticated multi-stage operation…
KawaiiGPT – Free WormGPT Variant Leveraging DeepSeek, Gemini, and Kimi-K2 AI Models
KawaiiGPT emerges as an accessible, open-source tool that mimics the controversial WormGPT, providing unrestricted AI assistance via jailbroken large language models. Hosted on GitHub with over 188 stars and 52 forks, it requires no API keys and installs quickly on…
FCC sounds alarm after emergency tones turned into potty-mouthed radio takeover
Agency flags hijacks of insecure studio-to-transmitter gear after attackers pipe in fake alerts and vulgar audio Malicious intruders have hijacked US radio gear to turn emergency broadcast tones into a profanity-laced alarm system.… This article has been indexed from The…
Asahi Confirms 1.5 Million Customers Affected in Major Cyber-Attack
Almost two million people may have seen their personal data exposed following a large-scale cyberattack that hit Asahi in September 2025 This article has been indexed from www.infosecurity-magazine.com Read the original article: Asahi Confirms 1.5 Million Customers Affected in Major…