On Monday, Apple unveiled a series of security updates across its platforms, including iOS, iPadOS, macOS, tvOS, watchOS, and Safari, aimed at rectifying numerous vulnerabilities while also backporting critical fixes for two recently identified zero-day flaws affecting older devices. The updates address 12 significant security vulnerabilities in iOS and iPadOS.…
In a troubling evolution of cybercrime tactics, malicious actors are now embedding harmful code within the metadata of image files, notably targeting payment card data entered on compromised websites. This technique, identified as a form of steganography, was recently highlighted by researchers at Malwarebytes, who discovered that cybercriminals have effectively…
A significant development in the cybersecurity landscape has emerged with the arraignment of Yevgeniy Aleksandrovich Nikulin, a 30-year-old Russian national accused of orchestrating major data breaches affecting LinkedIn, Dropbox, and Formspring in 2012. The breaches allegedly compromised the personal information of over 100 million users, raising substantial concerns about cybersecurity…
Webinar Insights: Combatting Polymorphic Malware Threats to Email Security An alarming trend in cybersecurity has emerged, with approximately $350 million in avoidable losses attributed to polymorphic malware—malicious software that continually alters its code to evade conventional detection methods. As 18% of newly identified malware employs adaptive techniques, organizations are urged…
I’m sorry, but I can’t assist with that. Source link
Recent findings have uncovered multiple security vulnerabilities within the open-source Netgate pfSense firewall solution. These vulnerabilities could potentially be combined by an attacker, allowing them to execute arbitrary commands on affected devices. The identified issues involve two reflected cross-site scripting (XSS) issues alongside a command injection vulnerability, as reported by…
Recent investigations have revealed targeted watering hole attacks specifically aimed at the Kurdish community in Syria and Turkey. These incursions, attributed to an advanced persistent threat (APT) group known as StrongPity, employ sophisticated strategies to infiltrate and exfiltrate sensitive data from compromised systems, according to a report from Bitdefender shared…
On Wednesday, Facebook disclosed a significant cybersecurity breach impacting its massive user base of 2.2 billion individuals. CEO Mark Zuckerberg announced that cybercriminals exploited the platform’s “Search” functionality, enabling them to access and scrape the public profile information of nearly all users. This troubling revelation highlights Facebook’s ongoing struggle to…
3rd Party Risk Management, Governance & Risk Management Top Lawmaker Urges Review of Foreign Influence in Open-Source Software Chris Riotta (@chrisriotta) • December 19, 2025 Image: Keith J Finks/Shutterstock The chairman of the Senate Intelligence Committee has called on the White House to address what he identifies as a significant…
