By Eduard Kovacs
An optional ‘username key’ adds another layer by requiring a secondary credential before someone can message users.
The post WhatsApp Rolling Out Username Feature to Bolster Phone Number Privacy appeared first on SecurityWeek.
Source:: securityweek


Posted in Uncategorized | No Comments »
By Ionut Arghire
Critical flaws in NGINX could allow remote, unauthenticated attackers to cause a restart and potentially execute arbitrary code.
The post F5 Patches Critical, High-Severity NGINX Vulnerabilities appeared first on SecurityWeek.
Source:: securityweek


Posted in Uncategorized | No Comments »
By Eduard Kovacs
The Android malware allows its operators to take control of infected devices and harvest sensitive information.
The post Rokarolla Banking Trojan Targets 200 Applications appeared first on SecurityWeek.
Source:: securityweek


Posted in Uncategorized | No Comments »
By Ionut Arghire
The latest GitLab CE/EE updates address 13 vulnerabilities, including three high-severity defects.
The post GitLab Patches Code Execution, Information Disclosure Vulnerabilities appeared first on SecurityWeek.
Source:: securityweek


Posted in Uncategorized | No Comments »
By Ionut Arghire
Insufficient validation of user input allows an attacker to gain access to the underlying OS and elevate their privileges to root.
The post Critical Command Execution Vulnerability Patched in Cisco ISE appeared first on SecurityWeek.
Source:: securityweek


Posted in Uncategorized | No Comments »
By Ionut Arghire
Splunk patched an OS command injection in AI Toolkit, while Atlassian fixed dozens of flaws in third-party dependencies.
The post Atlassian, Splunk Patch Critical Vulnerabilities appeared first on SecurityWeek.
Source:: securityweek


Posted in Uncategorized | No Comments »
By algerj@bnpmedia.com (Jordyn Alger)
The campaign was undetected for more than one year.
Source:: Security magazin


Posted in Uncategorized | No Comments »
By Ionut Arghire
A malicious dependency the attackers added to over 140 Mastra packages fetches a payload targeting cryptocurrency extensions.
The post North Korean Hackers Blamed for Mastra NPM Supply Chain Attack appeared first on SecurityWeek.
Source:: securityweek


Posted in Uncategorized | No Comments »
Most people picture insider threats one way — the disgruntled employee, the corporate spy, the contractor who walked out with a thumb drive. Those exist, and they matter, but they’re not the majority of what this category actually contains.
Source:: Security magazin


Posted in Uncategorized | No Comments »
By Eduard Kovacs
The company says Sol matches competing systems like Mythos Preview while using only a third of the output tokens.
The post OpenAI Unveils GPT-5.6 Sol as Its Most Advanced Cybersecurity AI appeared first on SecurityWeek.
Source:: securityweek


Posted in Uncategorized | No Comments »