Google has observed ViewState deserialization attacks leveraging a sample machine key exposed in older deployment guides.
The post Hackers Exploit Sitecore Zero-Day for Malware Delivery appeared first on SecurityWeek.
Source:: securityweek
Called A2, the framework mimics human analysis to identify vulnerabilities in Android applications and then validates them.
The post Academics Build AI-Powered Android Vulnerability Discovery and Validation Tool appeared first on SecurityWeek.
Source:: securityweek
CISA published a Minimum Elements for a Software Bill of Materials (SBOM) draft and has encouraged the public to offer comments.
Source:: Security magazin
State websites and phone lines were taken offline, but officials say emergency services and personal data remain unaffected.
The post Nevada State Offices Closed Following Disruptive Cyberattack appeared first on SecurityWeek.
Source:: securityweek
Storm-0501 has been leveraging cloud-native capabilities for data exfiltration and deletion, without deploying file-encrypting malware.
The post Ransomware Group Exploits Hybrid Cloud Gaps, Gains Full Azure Control in Enterprise Attacks appeared first on SecurityWeek.
Source:: securityweek
The transaction is valued up to $150 million, including performance-based retention awards, a Varonis spokesperson told SecurityWeek.
The post Varonis Acquires Email Security Firm SlashNext appeared first on SecurityWeek.
Source:: securityweek
Wytec’s website was defaced twice by unknown threat actors more than a week ago and it has yet to be brought back online.
The post Wytec Expects Significant Financial Loss Following Website Hack appeared first on SecurityWeek.
Source:: securityweek
By Matias Madou
Widespread adoption of AI coding tools accelerates developmentābut also introduces critical vulnerabilities that demand stronger governance and oversight.
The post How to Close the AI Governance Gap in Software Development appeared first on SecurityWeek.
Source:: securityweek
Researchers unveil OneFlip, a Rowhammer-based attack that flips a single bit in neural network weights to stealthily backdoor AI systems without degrading performance.
The post OneFlip: An Emerging Threat to AI that Could Make Vehicles Crash and Facial Recognition Fail appeared first on SecurityWeek.
Source:: securityweek
Google says the hackers systematically exported corporate data, focusing on secrets such as AWS and Snowflake keys.
The post Hundreds of Salesforce Customers Hit by Widespread Data Theft Campaign appeared first on SecurityWeek.
Source:: securityweek