Cisco reveals 2 max-severity defects in firewall management software
The vendor said it’s not aware of any active exploitation of the vulnerabilities, which could allow remote attackers to achieve root access and execute code.
Advertisement
Cybersecurity
Global coalition dismantles Tycoon 2FA phishing kit
Microsoft, which led the effort, said it seized 330 domains that powered the phishing platform’s core infrastructure. The alleged creator was also named in a civil complaint.
LLMs are getting better at unmasking people online
The author of a new study told CyberScoop he's "very worried,” describing deanonymization capabilities of AI as a “large scale invasion of privacy.”
Authorities from 14 countries shut down major cybercrime forum LeakBase
The marketplace was one of the world’s largest hubs for cybercrime with more than 142,000 members. Officials identified and arrested multiple suspects after seizing the site’s database.
Attackers are using your network against you, according to Cloudflare
Blind spots in complex cloud environments allow identity-based attacks to achieve the same outcome as complex malware or zero-day exploits. Sophistication need not apply.
Advertisement
Datadog’s Emilio Escobar on compliance-first AI
Emilio Escobar | CISO | Datadog
Cohesity’s Marlin McFate on risks tied to growing cloud dependence
Marlin McFate | Public Sector CTO & CISO | Cohesity
ThreatLocker’s Rob Allen on the dual impact of AI
Rob Allen | Chief Product Officer | ThreatLocker
Researchers discover suite of agentic AI browser vulnerabilities
Through a simple calendar invite, AI browsers like Comet can be directed to access local file systems, browse directories, open and read files, and exfiltrate data.
Google addresses actively exploited Qualcomm zero-day in fresh batch of 129 Android vulnerabilities
The company’s latest security update contains the highest number of Android vulnerabilities patched in a single month since April 2018.
Advertisement