Eight years after a researcher alerted WhatsApp to vulnerabilities allowing mass extraction of user phone numbers, a new investigation from the University of Vienna has confirmed that this issue persists. The researchers employed a technique exploiting WhatsApp’s discovery function, which allows individuals to check if a phone number is registered…
Endpoint Security, Hardware / Chip-level Security Experts Highlight Advantages of Bug Bounties and Researcher Engagement Mathew J. Schwartz (@euroinfosec) • November 21, 2025 Image: Shutterstock While hardware once stood as a cornerstone of trustworthy systems, ongoing concerns over compromised supply chains and security vulnerabilities have significantly diminished that trust. As…
Salesforce recently issued a security advisory alerting users to unauthorized access to customer data via third-party applications provided by Gainsight. This breach not only raises alarm bells across the user base but also highlights persistent vulnerabilities associated with OAuth integrations—an area already marked by significant data breaches within the Salesforce…
Outdated digital infrastructure, including routers, network switches, and network-attached storage systems, has quietly emerged as a significant risk for organizations. While it may seem more cost-effective in the short term to maintain these aging devices in obscurity, doing so often means relying on outdated configurations that are no longer secured…
In April 2024, Microsoft announced a critical security update addressing an unprecedented 149 vulnerabilities, with two of these flaws identified as actively exploited threats. This latest update categorizes three of the vulnerabilities as Critical, 142 as Important, three as Moderate, and one as Low in severity. Additionally, the update follows…
Cisco has issued a warning regarding a notable increase in brute-force attacks targeting a variety of devices since March 18, 2024. These attacks specifically affect Virtual Private Network (VPN) services, web application authentication interfaces, and SSH services. Cisco Talos reports that the origins of these attacks can largely be traced…
Government, Industry Specific, Network Firewalls, Network Access Control CISA Discovers Agencies Misled About Cisco Patch Updates Chris Riotta (@chrisriotta) • November 13, 2025 Image: PJ McDonnell/Shutterstock The Cybersecurity and Infrastructure Security Agency (CISA) has raised alarms regarding critical vulnerabilities in Cisco devices, indicating that U.S. government agencies have inadequately addressed…
Key Insights: Cisco researchers identified significant security vulnerabilities in several popular open-weight AI models. Multi-turn adversarial attacks were found to be substantially more effective than single interactions. These findings highlight critical concerns regarding AI safety, data privacy, and the integrity of AI models. Cisco has uncovered critical security vulnerabilities in…
Microsoft has announced the release of security updates addressing 118 vulnerabilities in its software suite, two of which have been identified as actively exploited vulnerabilities in the wild. Among these vulnerabilities, three have been classified as Critical, while 113 are rated Important, and two are deemed Moderate. Notably, this Patch…
