Vulnerability ManagementHouse Dems call for review of U.S. government cybersecurity programsShaun NicholsJune 13, 2025The House Democrats asked for a full assessment of the NVD and CVE systems.
AI/MLDark web AI service abuses legitimate open-source modelsLaura FrenchJune 13, 2025The multimodal Nytheon AI platform is advertised on criminal forums and Telegram channels.
Vulnerability ManagementTrend Micro patches four 9.8 bugs in encryption PolicyServer productsSteve ZurierJune 13, 2025While there was still no evidence of exploitation, Trend Micro advises customers to patch right away.
Network SecuritySmartwatches tabbed as latest vehicle for air-gapped system attacksShaun NicholsJune 13, 2025Researchers say the latest vehicle for covert data extraction from secured systems could be sitting on your wrist.
DevOps270K websites injected with ‘JSF-ck’ obfuscated codeLaura FrenchJune 12, 2025The JavaScript obfuscation method produces working code using only six ASCII characters.
RansomwareFog ransomware uses legit monitoring software, open-source toolsSteve ZurierJune 12, 2025The bad actor also established persistence following the incident.
Vulnerability ManagementUpdates urged after disclosure of Windows Secure Boot vulnerabilityShaun NicholsJune 12, 2025Bug potentially allows an attacker to bypass the UEFI checks that prevents the use of unauthorized firmware.
AI/MLMicrosoft 365 Copilot ‘zero-click’ vulnerability enabled data exfiltrationLaura FrenchJune 11, 2025An attacker could have sent an email causing Copilot to leak info via a markdown image.
Endpoint/Device Security40,000 security cameras exposed, raises espionage concernsSteve ZurierJune 11, 2025The open cameras may cause unauthorized access at data centers, break-ins at offices and retail stores, and privacy issues for home users and employees.
AI/MLOpenAI bans ChatGPT accounts linked to state-sponsored threat activityShaun NicholsJune 11, 2025OpenAI bans ChatGPT accounts linked to threat actors in China, Russia, Iran and North Korea.
