Threat actors have been observed exploiting a now-patched critical SAP NetWeaver flaw to deliver the Auto-Color backdoor in an attack targeting a U.S.-based chemicals company […]
African Orgs Fall to Mass Microsoft SharePoint Exploits
The National Treasury of South Africa is among the half-dozen known victims in South Africa — along with other nations — of the mass compromise […]
Enterprise LLMs Vulnerable to Prompt-Based Attacks Leading to Data Breaches
Security researchers have discovered alarming vulnerabilities in enterprise Large Language Model (LLM) applications that could allow attackers to bypass authentication systems and access sensitive corporate […]
Orange Hit by Cyberattack, Internal Systems Hacked
French telecommunications giant Orange confirmed it suffered a significant cyberattack on Friday, July 25th, targeting one of its critical information systems. The incident has disrupted […]
New Microsoft Guidance Targets Defense Against Indirect Prompt Injection
Microsoft has unveiled new guidance addressing one of the most pressing security challenges facing enterprise AI deployments: indirect prompt injection attacks. This emerging threat vector […]
MCP Security: Securing the Backbone of Agentic AI
With the rise of agentic AI, CISOs should get to grips with MCP security. The Model Context Protocol (MCP) was only introduced at the end of 2024, yet […]
Chrome Vulnerabilities Allow Attackers to Hijack Memory and Run Malicious Code
Google has released an emergency security update for its Chrome browser to address critical vulnerabilities that could allow attackers to hijack system memory and execute […]
Nimble ‘Gunra’ Ransomware Evolves With Linux Variant
The emerging cybercriminal gang, which initially targeted Microsoft Windows systems, is looking to go cross-platform using sophisticated, multithread encryption.
Google patches Gemini CLI tool after prompt injection flaw uncovered
It’s barely been out for a month and already security researchers have discovered a prompt injection vulnerability in Google’s Gemini command line interface (CLI) AI […]
Qilin Ransomware Gains Momentum with Legal Assistance Option for Affiliates
The Qilin ransomware gang has introduced a “Call Lawyer” feature for its affiliates, announced on a Russian-speaking darknet forum. This Ransomware-as-a-Service (RaaS) enhancement provides on-demand […]