SecurityWeek

Redfox Security warns of multiple vulnerabilities in Netgear WNR614 routers discontinued three years ago.

BlackBerry says the Cylance data offered for sale for $750,000 is old and its own systems have not been compromised. 

SAP has released 10 new security notes on June 2024 Security Patch Day, including two addressing high-severity vulnerabilities.

Forescout's 2024 analysis of the riskiest devices highlights vulnerabilities and threat actor interactions across IT, IoT, OT, and IoMT.

The Supreme Court will take up Meta’s bid to end the lawsuit over the Cambridge Analytica privacy scandal.

Arm warns that CVE-2024-4610, a Mali GPU kernel driver vulnerability addressed two years ago, is exploited in attacks.

OT zero trust user access platform provider Xona has raised $18 million, which brings its total investment to $32 million.

Mandiant says a financially motivated threat actor has compromised hundreds of Snowflake instances using customer credentials stolen via infostealer malware that infected non-Snowflake owned systems.

Fortinet announces plans to acquire Lacework, a late-stage cloud security startup that was once listed as a “unicorn” company valued north of $1 billion.

A critical vulnerability in the PyTorch distributed RPC framework could be exploited for remote code execution.

PHP has released patches for CVE-2024-4577, a critical vulnerability that could lead to arbitrary code execution on remote servers.

The New York Times has issued a statement after someone leaked source code allegedly belonging to the news giant. 

Nvidia patches multiple high-severity vulnerabilities in GPU display drivers and virtual GPU software.

Cisco Talos researchers have found over a dozen vulnerabilities in AutomationDirect PLCs, including flaws that could be valuable to attackers.

A Zambian court has sentenced 22 Chinese nationals to long prison terms for cybercrimes that included internet fraud and online scams targeting Zambians and other people.

Auction house Christie's says the data breach caused by the recent ransomware attack impacts the information of 45,000 individuals.

Amidst public pressure, Microsoft changes the set-up experience of Copilot+ PCs to disable the controversial Windows Recall feature by default.

Tenable goes shopping again in Israel with plans to buy early stage startup Eureka Security to boost data security posture management tooling.

Noteworthy stories that might have slipped under the radar: TikTok patches account hijacking zero-day, $300 million DMM Bitcoin hack, free Android VPN apps analyzed.

Mozilla has announced a 0Day Investigative Network (0Din) bug bounty program for LLMs and other deep learning tech.