Security
Headlines
HeadlinesLatestCVEs

Tag

#vulnerability

2024 Breaks Records With Highest Ever Ransomware Attacks

DARKReading
Open in Source
#vulnerability#git#intel
Google's DMARC Push Pays Off, but Email Security Challenges Remain

A year after Google and Yahoo started requiring DMARC, the adoption rate of the email authentication specification has doubled; and yet, 87% of domains remain unprotected.

20 Million OpenAI accounts offered for sale

A cybercriminal calling themselves emirking is offering 20 million OpenAI accounts for sale on a Dark Web forum

7,000 Exposed Ollama APIs Leave DeepSeek AI Models Wide Open to Attack

UpGuard discovers exposed Ollama APIs revealing DeepSeek model adoption globally. See where these AI models are running and the security risks involved.

CISA Warns of Active Exploitation in Trimble Cityworks Vulnerability Leading to IIS RCE

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has warned that a security flaw impacting Trimble Cityworks GIS-centric asset management software has come under active exploitation in the wild. The vulnerability in question is CVE-2025-0994 (CVSS v4 score: 8.6), a deserialization of untrusted data bug that could permit an attacker to conduct remote code execution. "This could

ABB Cylon FLXeon 9.3.4 (wsConnect.js) WebSocket Command Spawning PoC

The ABB Cylon FLXeon BACnet controller is vulnerable to an unauthenticated WebSocket implementation that allows an attacker to execute the tcpdump command. This command captures network traffic and filters it on serial ports 4855 and 4851, which are relevant to the device's services. The vulnerability can be exploited in a loop to start multiple instances of tcpdump, leading to resource exhaustion, denial of service (DoS) conditions, and potential data exfiltration. The lack of authentication on the WebSocket interface allows unauthorized users to continuously spawn new tcpdump processes, amplifying the attack's impact.

ABB Cylon FLXeon 9.3.4 (runtimeSetup.sh) Hidden Backdoor Account

The application has a hidden administrative account 'cxpro' that has write access permissions to the device.

Exciting updates to the Copilot (AI) Bounty Program: Enhancing security and incentivizing innovation

At Microsoft, we are committed to fostering a secure and innovative environment for our customers and users. As part of this commitment, we are thrilled to announce significant updates to our Copilot (AI) Bounty Program. These changes are designed to enhance the program’s effectiveness, incentivize broader participation, and ensure that our Copilot consumer products remain robust, safe, and secure.

Hackers Exploiting SimpleHelp RMM Flaws for Persistent Access and Ransomware

Threat actors have been observed exploiting recently disclosed security flaws in SimpleHelp's Remote Monitoring and Management (RMM) software as a precursor for what appears to be a ransomware attack. The intrusion leveraged the now-patched vulnerabilities to gain initial access and maintain persistent remote access to an unspecified target network, cybersecurity company Field Effect said in a

S. Korea’s Notorious Sex Crime Hub Ya-moon Hacked, User Data Leaked

Ya-moon, S. Korea’s notorious sex crime hub operating since 1990, hacked; user data leaked, exposing CSAM, exploitation, and illicit activities.