By Eduard Kovacs

An optional ‘username key’ adds another layer by requiring a secondary credential before someone can message users.

The post WhatsApp Rolling Out Username Feature to Bolster Phone Number Privacy appeared first on SecurityWeek.

…read more

Source:: securityweek


Print pagePDF pageEmail page

By Ionut Arghire

Critical flaws in NGINX could allow remote, unauthenticated attackers to cause a restart and potentially execute arbitrary code.

The post F5 Patches Critical, High-Severity NGINX Vulnerabilities appeared first on SecurityWeek.

…read more

Source:: securityweek


Print pagePDF pageEmail page

By Eduard Kovacs

The Android malware allows its operators to take control of infected devices and harvest sensitive information.

The post Rokarolla Banking Trojan Targets 200 Applications appeared first on SecurityWeek.

…read more

Source:: securityweek


Print pagePDF pageEmail page

By Ionut Arghire

The latest GitLab CE/EE updates address 13 vulnerabilities, including three high-severity defects.

The post GitLab Patches Code Execution, Information Disclosure Vulnerabilities appeared first on SecurityWeek.

…read more

Source:: securityweek


Print pagePDF pageEmail page

By Ionut Arghire

Insufficient validation of user input allows an attacker to gain access to the underlying OS and elevate their privileges to root.

The post Critical Command Execution Vulnerability Patched in Cisco ISE appeared first on SecurityWeek.

…read more

Source:: securityweek


Print pagePDF pageEmail page

By Ionut Arghire

Splunk patched an OS command injection in AI Toolkit, while Atlassian fixed dozens of flaws in third-party dependencies.

The post Atlassian, Splunk Patch Critical Vulnerabilities appeared first on SecurityWeek.

…read more

Source:: securityweek


Print pagePDF pageEmail page

By algerj@bnpmedia.com (Jordyn Alger)

The campaign was undetected for more than one year.

…read more

Source:: Security magazin


Print pagePDF pageEmail page

By Ionut Arghire

A malicious dependency the attackers added to over 140 Mastra packages fetches a payload targeting cryptocurrency extensions.

The post North Korean Hackers Blamed for Mastra NPM Supply Chain Attack appeared first on SecurityWeek.

…read more

Source:: securityweek


Print pagePDF pageEmail page

Most people picture insider threats one way — the disgruntled employee, the corporate spy, the contractor who walked out with a thumb drive. Those exist, and they matter, but they’re not the majority of what this category actually contains.

…read more

Source:: Security magazin


Print pagePDF pageEmail page

By Eduard Kovacs

The company says Sol matches competing systems like Mythos Preview while using only a third of the output tokens.

The post OpenAI Unveils GPT-5.6 Sol as Its Most Advanced Cybersecurity AI appeared first on SecurityWeek.

…read more

Source:: securityweek


Print pagePDF pageEmail page