Apple rolled out the security patches for dozens of iPhone and iPad models and generations.
The post Apple Patches iOS Flaw Allowing Recovery of Deleted Chats appeared first on SecurityWeek.
Source:: securityweek
The flaw allows attackers to access the SAM database, extract NTLM hashes, and gain System privileges.
The post Recent Microsoft Defender Vulnerability Exploited as Zero-Day appeared first on SecurityWeek.
Source:: securityweek
Tied to a fresh Checkmarx supply chain attack claimed by TeamPCP, the incident references the Shai-Hulud worm.
The post Bitwarden NPM Package Hit in Supply Chain Attack appeared first on SecurityWeek.
Source:: securityweek
Cookeville Regional Medical Center was targeted last year by the Rhysida ransomware group, which stole 500GB of data.
The post Data Breach at Tennessee Hospital Affects 337,000 appeared first on SecurityWeek.
Source:: securityweek
Dubbed GopherWhisper, the group relies on multiple Go-based backdoors alongside custom loaders and injectors.
The post China-Linked APT GopherWhisper Abuses Legitimate Services in Government Attacks appeared first on SecurityWeek.
Source:: securityweek
Agentic AI can be expensive to use, causing further and unpredictable pressure on tight budgets.
The post Sevii Launches Cyber Swarm Defense to Make Agentic AI Security Costs Predictable appeared first on SecurityWeek.
Source:: securityweek
Angelo Martino of Florida has pleaded guilty to collaborating with the BlackCat cybercrime group while working as a ransomware negotiator.
The post Third US Security Expert Admits Helping Ransomware Gang appeared first on SecurityWeek.
Source:: securityweek
The Senate approved a short-term renewal until April 30 of a controversial surveillance program used by U.S. spy agencies.
The post Senate Extends Surveillance Powers Until April 30 After Chaotic Votes in House appeared first on SecurityWeek.
Source:: securityweek
A researcher has disclosed the details of the AI attack method he has named ‘Comment and Control’.
The post Claude Code, Gemini CLI, GitHub Copilot Agents Vulnerable to Prompt Injection via Comments appeared first on SecurityWeek.
Source:: securityweek
CISA expanded the KEV catalog with eight flaws, but five of them have been flagged as exploited before.
The post Organizations Warned of Exploited Cisco, Kentico, Zimbra Vulnerabilities appeared first on SecurityWeek.
Source:: securityweek