Security
Headlines
HeadlinesLatestCVEs

Latest News

Over 80,000 Microsoft Entra ID Accounts Targeted Using Open-Source TeamFiltration Tool

Cybersecurity researchers have uncovered a new account takeover (ATO) campaign that leverages an open-source penetration testing framework called TeamFiltration to breach Microsoft Entra ID (formerly Azure Active Directory) user accounts. The activity, codenamed UNK_SneakyStrike by Proofpoint, has targeted over 80,000 user accounts across hundreds of organizations' cloud tenants since a surge in

The Hacker News
Open in Source
#microsoft#The Hacker News
US airline industry quietly selling flight data to DHS

Flight data of US customers is being sold by several airlines through a joint data broker sending contracts to ICE and CBP.

Infostealer Ring Bust-up Takes Down 20,000 Malicious IPs

Interpol's Operation Secure arrested more than 30 suspects across Vietnam, Sri Lanka, and Nauru, and seized 117 command-and-control servers allegedly used to run widespread phishing, business email compromise, and other cyber scams.

CISA Warns of Remote Control Flaws in SinoTrack GPS Trackers

The US CISA reports critical vulnerabilities in SinoTrack GPS devices that could let attackers remotely control vehicles and track locations. Discover the vulnerabilities and essential steps to secure your device.

ConnectWise to Rotate Code-Signing Certificates

The move is unrelated to a recent nation-state attack the vendor endured but stems from a report by a third-party researcher.

GHSA-4c2h-67qq-vm87: Citizen skin vulnerable to stored XSS through multiple system messages

Various system messages are inserted by the Citizen skin in multiple places without proper sanitization. ## 1 - Command Palette Tips ### Summary Multiple system messages are inserted into the CommandPaletteFooter as raw HTML, allowing anybody who can edit those messages to insert arbitrary HTML into the DOM. ### Details The messages are retrieved using the `plain()` output mode: https://github.com/StarCitizenTools/mediawiki-skins-Citizen/blob/072e4365e9084e4b153eac62d3666566c06f5a49/resources/skins.citizen.commandPalette/components/CommandPaletteFooter.vue#L61-L66 `currentTip` is set to one of these messages: https://github.com/StarCitizenTools/mediawiki-skins-Citizen/blob/072e4365e9084e4b153eac62d3666566c06f5a49/resources/skins.citizen.commandPalette/components/CommandPaletteFooter.vue#L69 `currentTip` is inserted as raw HTML (`vue/no-v-html` should *not* be ignored here): https://github.com/StarCitizenTools/mediawiki-skins-Citizen/blob/072e4365e9084e4b153eac62d3666566c06f5a49/reso...

Agentic AI Takes Over Gartner's SRM Summit

Agentic AI was everywhere at Gartner's Security & Risk Management Summit in Washington, DC, this year, as the AI security product engine chugs ahead at full speed.

How Waymo Handles Footage From Events Like the LA Immigration Protests

Waymo driverless taxis capture troves of video footage in order to operate, but the company reveals very little about how much data is stored—and for how long.

23andMe raked by Congress on privacy, sale of genetic data

In a senate hearing, 23andMe was questioned about the impending take-over of the company and its trove of genetic data

Former Black Basta Members Use Microsoft Teams and Python Scripts in 2025 Attacks

Former members tied to the Black Basta ransomware operation have been observed sticking to their tried-and-tested approach of email bombing and Microsoft Teams phishing to establish persistent access to target networks. "Recently, attackers have introduced Python script execution alongside these techniques, using cURL requests to fetch and deploy malicious payloads," ReliaQuest said in a report