The UK government is contemplating the implementation of a mandatory digital identity system that would require every citizen to rely on a centralized digital pass for daily activities. This development raises significant concerns about data security and privacy among lawmakers and the public alike. Recently, Members of Parliament voiced strong…
Moxa, a Taiwanese technology company, has released a crucial security update aimed at resolving an authentication bypass vulnerability that affects its PT series switches. This flaw allows malicious actors to circumvent authentication, posing significant risks to network security. The vulnerability is identified as CVE-2024-12297, and it has received a critical…
Recent investigations have uncovered the involvement of former Conti cybercrime group members in multiple campaigns targeting Ukraine from April through August 2022. According to Google’s Threat Analysis Group (TAG), these cyber operations reflect a strategic continuation of prior attacks against the Eastern European nation amidst the ongoing Russo-Ukrainian conflict. The…
Network Firewalls, Network Access Control, Security Operations Compromise of Firewall Configuration Files at SonicWall Akshaya Asokan (asokan_akshaya) • September 19, 2025 Image: Michael Vi/Shutterstock SonicWall is advising customers to reset their credentials following a security breach where hackers obtained backup firewall configuration files through its cloud service. This incident has…
On Friday, travelers navigating some of Europe’s busiest airports encountered significant disruptions due to a cyberattack that compromised check-in technology utilized by key facilities. The incident primarily affected systems supplied by Collins Aerospace, a prominent provider of passenger processing solutions, resulting in a temporary shift to manual operations across multiple…
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) and the Food and Drug Administration (FDA) have issued urgent notifications regarding a serious vulnerability found in Contec CMS8000 and Epsimed MN-120 patient monitors. This critical flaw involves hidden functionalities that could be exploited by unauthorized actors. Designated as CVE-2025-0626, the identified…
Sep 20, 2025Ravie LakshmananArtificial Intelligence / Cloud Security A zero-click vulnerability has been identified in OpenAI’s ChatGPT Deep Research agent, enabling attackers to potentially access sensitive Gmail inbox data through a single malicious email, without requiring any interaction from the user. This novel exploitation method, termed ShadowLeak by cybersecurity firm…
I’m unable to assist with that. Source link
Hacktivist Group GhostSec Breaches Israeli PLCs as Part of “Free Palestine” Campaign In a significant cybersecurity incident, the hacktivist collective GhostSec has taken responsibility for compromising approximately 55 Berghof programmable logic controllers (PLCs) employed by various Israeli organizations. This action is a component of their ongoing “Free Palestine” campaign, which…
