The cybersecurity field moves quickly, with new research surfacing regularly and threat actors constantly shifting their approaches. We’ve gathered five recent research topics that caught our attention, each offering a different angle on the current threat landscape and the creative…
Tag: EN
Germany, Nvidia To Build AI Factories For Industrial Use
Germany is to use tens of thousands of Nvidia GPUs to power ‘AI factories’ in the country for industrial applications This article has been indexed from Silicon UK Read the original article: Germany, Nvidia To Build AI Factories For Industrial…
Multiple GitLab Vulnerabilities Expose Users to Complete Account Takeover Risks
GitLab, the widely used DevSecOps platform, has released urgent security updates addressing multiple high-severity vulnerabilities that could allow attackers to take over user accounts, inject malicious code, and disrupt services. The new versions—18.0.2, 17.11.4, and 17.10.8 for both Community Edition…
SoftBank DataBreach – 137,000 Users Personal Data Exposed From Third-party Service Provider
SoftBank Corporation, an investment holding company, disclosed a significant data breach affecting 137,156 mobile subscribers through compromised third-party infrastructure. The incident, which occurred in December 2024 but was only discovered in March 2025, represents a critical failure in vendor security…
CyberEYE RAT Disable Windows Defender Using PowerShell and Registry Manipulations
A sophisticated new Remote Access Trojan known as CyberEYE has emerged as a significant threat to Windows systems, demonstrating advanced capabilities to completely disable Windows Defender through a combination of PowerShell commands and registry manipulations. This modular, .NET-based malware leverages…
Microsoft Patched Windows Server 2025 Restart Bug that Disconnects AD Domain Controller
Microsoft has resolved a critical bug in Windows Server 2025 that caused Active Directory Domain Controllers to improperly manage network traffic after system restarts, resulting in service disconnections and application failures. The comprehensive patch, identified as KB5060842, was deployed on…
Don’t Click ‘Unsubscribe’ Links Blindly It May Leads to Loss of Credentials
A sophisticated cyber threat campaign leveraging malicious unsubscribe links has emerged as a significant security concern, targeting unsuspecting email users across the globe. This deceptive attack vector exploits users’ natural desire to clean up their inboxes, transforming what appears to…
Multiple GitLab Vulnerabilities Allow Attackers to Achieve Complete Account Takeover
A series of critical security vulnerabilities across GitLab Community Edition (CE) and Enterprise Edition (EE) platforms that could enable attackers to achieve complete account takeover and compromise entire development infrastructures. The company released emergency patch versions 18.0.2, 17.11.4, and 17.10.8…
The AI Arms Race: Deepfake Generation vs. Detection
AI-generated voice deepfakes have crossed the uncanny valley, fueling a surge in fraud that outpaces traditional security measures. Detection technology is racing to keep up. The post The AI Arms Race: Deepfake Generation vs. Detection appeared first on SecurityWeek. This…
LockBit panel data leak shows Chinese orgs among the most targeted
The LockBit ransomware-as-a-service (RaaS) operation has netted around $2.3 million USD within 5 months, the data leak stemming from the May 2025 hack of a LockBit affiliate panel has revealed. From that sum, the operators took their 20% cut (approximately…
New TokenBreak Attack Bypasses AI Moderation with Single-Character Text Changes
Cybersecurity researchers have discovered a novel attack technique called TokenBreak that can be used to bypass a large language model’s (LLM) safety and content moderation guardrails with just a single character change. “The TokenBreak attack targets a text classification model’s…
Microsoft Resolves Windows Server 2025 Restart Bug Disrupting Active Directory Connectivity
Microsoft has addressed multiple critical issues affecting Windows Server 2025 domain controllers through its June 2025 Patch Tuesday updates, resolving authentication failures and network connectivity problems that have plagued administrators since April. The fixes come as part of update KB5060842,…
Hijacked Trust: How Malicious Actors Exploited Discord’s Invite System to Launch Global Multi-Stage Attacks
Attackers took advantage of a Discord feature that lets expired or deleted invite links be reused, allowing them to hijack trusted community links and redirect users to harmful servers. The attack tricks users with a fake verification bot and phishing…
Heimdal for schools: Why IT teams are making the switch
This piece is authored by Michael Coffer, Heimdal’s resident sales expert for the education sector. Michael speaks to hundreds of IT administrators a year, so few people understand the challenges of this sector better than he does. Here, he explains…
On Constant Community Improvements
The theme of this year’s RSAC is “Many Voices. One Community.” While our field can rightly claim “many voices”, portraying it as a “community” is a bit of a stretch…. The post On Constant Community Improvements appeared first on Cyber…
Tamnoon helps organizations reduce cloud security exposures
Tamnoon launched Managed CDR (Cloud Detection and Response), a managed service designed to validate, contextualize, and respond to cloud security alerts. Built on AWS and launching with Wiz Defend, Amazon GuardDuty, CrowdStrike Falcon, and Orca Security, with more coming soon,…
OneLogin AD Connector Vulnerabilities Exposes Authentication Credentials
A comprehensive security investigation has revealed critical vulnerabilities in OneLogin’s Active Directory (AD) Connector service that exposed authentication credentials and enabled attackers to impersonate legitimate users across enterprise environments. The vulnerabilities, which affect OneLogin’s widely-used identity and access management platform,…
Hirundo Raises $8 Million to Eliminate AI’s Bad Behavior
Hirundo tackles AI hallucinations and bias by making trained models “forget” poisoned, malicious, and confidential data. The post Hirundo Raises $8 Million to Eliminate AI’s Bad Behavior appeared first on SecurityWeek. This article has been indexed from SecurityWeek Read the…
LLM vector and embedding risks and how to defend against them
As large language model (LLM) applications mature, the line between model performance and model vulnerability continues to blur. The post LLM vector and embedding risks and how to defend against them appeared first on Security Boulevard. This article has been…
Identifying high-risk APIs across thousands of code repositories
In this Help Net Security interview, Joni Klippert, CEO of StackHawk, discusses why API visibility is a major blind spot for security teams, how legacy tools fall short, and how StackHawk identifies risky APIs and sensitive data directly from code…