SecurityWeek

Critical ColdFusion vulnerabilities are the most at risk of being exploited in attacks, according to the software giant.

CISOs face a shrinking window to prepare as AI models like Mythos collapse the gap between vulnerability discovery and exploitation, driving a new era of high-velocity cyberattacks.

Basic-Fit has reported that hackers have stolen names, dates of birth, and even bank account details. 

The company has released 19 new security notes addressing flaws in over a dozen enterprise products.

The sprawling cybercrime operation abuses major providers to prevent takedowns and distance itself from sanctions.

The parser is meant to mitigate the entire class of memory safety bugs in the low-level environment.

The company said in an SEC filing that an IDOR vulnerability affecting RCI Internet Services exposed contractor data.

The security defects allow attackers to escalate privileges and execute arbitrary code remotely.

The online travel platform has not said how many customers’ booking information was exposed, but said the issue has been contained. 

Claims that “Microsoft is running one of the largest corporate espionage operations in modern history” face scrutiny as researchers analyze LinkedIn’s browser extension probing

The AI giant is taking action after determining that a macOS code signing certificate may have been compromised.

Law enforcement in the US, UK and Canada identified more than $45 million in cryptocurrency and froze $12 million.

Download links were replaced by a Russian-speaking threat actor to distribute a recently emerged malware named STX RAT.

The malware mimics the legitimate Anthropic installation, relies on DLL sideloading, and cleans up after itself.

The feature allows enterprise users to compose and read end-to-end encrypted messages natively on their mobile devices.