Details of the six-year-old flaw were publicly shared by Cisco Talos in April 2019, describing it as an exploitable remote code execution vulnerability in the ACEManager "upload.cgi" function of Sierra Wireless AirLink ES450 firmware version 4.9.3. Talos reported the flaw to the Canadian company in December 2018. "This vulnerability exists in the file upload capability of templates within the AirLink 450," the company said. "When uploading template files, you can specify the name of the file that you are uploading."
Two people allegedly linked to China's infamous Salt Typhoon espionage hacking group seem to have previously received training through Cisco's prominent, long-running networking academy. Meanwhile, warnings are increasingly emerging from United States lawmakers in Congress that safeguards on expanded US wiretap powers have been failing, allowing US intelligence agencies to access more of Americans' data without adequate constraints. If you've been having trouble keeping track of all of the news and data coming out about infamous sex offender Jeffrey Epstein,
A security vulnerability in the Notepad++ update mechanism has been exploited to spread malicious code. What began as a report within the Notepad++ community at the end of October was later confirmed to be a structural weakness in the updater. Analysis by BleepingComputer shows that attackers were able to execute malware via this mechanism. Notepad++ has since released a fix in version 8.8.9.
A Microsoft zero-day vulnerability that allows an unprivileged user to crash the Windows Remote Access Connection Manager (RasMan) service now has a free, unofficial patch - with no word as to when Redmond plans to release an official one - along with a working exploit circulating online. Researchers from 0patch, the micropatching site, uncovered the denial-of-service (DoS) bug while investigating CVE-2025-59230, a Windows RasMan privilege escalation vulnerability that Redmond fixed in October, but not before attackers found and exploited the vulnerability.
Cybersecurity researchers are calling attention to a new campaign that's leveraging GitHub-hosted Python repositories to distribute a previously undocumented JavaScript-based Remote Access Trojan (RAT) dubbed PyStoreRAT. "These repositories, often themed as development utilities or OSINT tools, contain only a few lines of code responsible for silently downloading a remote HTA file and executing it via 'mshta.exe,'" Morphisec researcher Yonatan Edri said in a report shared with The Hacker News.
This year, MITRE made headlines primarily because its leading vulnerability database was in danger of being discontinued. For years, another issue has been plaguing the American non-profit. The voluntary ATT&CK evaluations in which security players participate are no longer popular. Below, we explain why and what MITRE plans to do to turn the tide. This year's list of participants is particularly disappointing, not in terms of caliber, but in the length of its participant list.
When he tested the token, Zimmermann said that it granted access to hundreds of private Home Depot source code repositories hosted on GitHub and allowed the ability to modify their contents. The researcher said the keys allowed access to Home Depot's cloud infrastructure, including its order fulfillment and inventory management systems, and code development pipelines, among other systems. Home Depot has hosted much of its developer and engineering infrastructure on GitHub since 2015, according to a customer profile on GitHub's website.
No one knows exactly when quantum computing will arrive, but accelerating progress is prompting security and IT leaders to recognise the potential risks. With near-weekly breakthroughs in large-scale quantum computing, and with regulators and large cyber security players treating the issue as urgent, quantum-driven threats are now starting to appear on boardroom agendas. So how do organisations begin implementing post-quantum cryptography (PQC)? In this article, I'll outline a roadmap to post-quantum readiness and highlight the most common pitfalls senior decision makers encounter along the way.
It has been a turbulent and transformative period defined by sweeping shifts in both job seeker behavior and employer expectations. Across the U.S., a wave of public sector professionals entered the private job market following major government agency restructurings, layoffs, and early retirement programs. Many of these candidates with specialized skill sets found themselves needing to quickly translate their government experience into private-sector language, just as the hiring landscape itself was rapidly evolving.
Curzon cinema has admitted a major app failure that left dozens of customers' personal details exposed to complete strangers. The upmarket cinema chain which runs 10 venues across London plus its Curzon Home Cinema streaming service said the error meant other users could see people's names, emails, phone numbers, dates of birth, profile photos and membership tiers. In some cases, even the last four digits of saved bank cards were visible.
When Fortra disclosed CVE-2025-10035 in GoAnywhere MFT, security teams would have experienced a familiar sinking feeling. Another critical vulnerability. Another emergency patch cycle. Another race against ransomware operators. Yet, this latest maximum-severity flaw revealed something more troubling than a single vendor's coding error. It exposed the fundamental fragility of how organizations handle their most sensitive data transfers. Unfortunately, the numbers don't lie. According to our research, Managed File Transfer (MFT) platforms carry a sky-high risk score (4.72), outpacing nearly every other data transfer technology.
As enterprises refine their strategies for handling Non-Human Identities (NHIs), Robotic Process Automation (RPA) has become a powerful tool for streamlining operations and enhancing security. However, since RPA bots have varying levels of access to sensitive information, enterprises must be prepared to mitigate a variety of challenges. In large organizations, bots are starting to outnumber human employees, and without proper identity lifecycle management, these bots increase security risks.
The General Services Administration has signed a OneGov agreement with Tenable that offers steep discounts on some of the company's cloud security offerings. The agreement is the 17th OneGov pact GSA has signed with software manufacturers to bring volume discount pricing to all government buyers. In the Tenable agreement, the company is offering agencies a 65% discount off its list price for its FedRAMP-authorized Tenable Cloud Security Enterprise.
When he got notified of exceeding the limit, he wandered off to his user settings and found out he could simply change the organization's budget limitations (to over $1M!) - even though he wasn't the admin. The admin received no notification.
AWS Identity Misconfigurations: We will show how attackers abuse simple setup errors in AWS identities to gain initial access without stealing a single password. Hiding in AI Models: You will see how adversaries mask malicious files in production by mimicking the naming structures of your legitimate AI models. Risky Kubernetes Permissions: We will examine "overprivileged entities"-containers that have too much power-and how attackers exploit them to take over infrastructure.
AI-powered scams are hijacking the identities of major artists to steal money from fans, according to a new report (via ). The social media security company Spikerz says platforms like TikTok, Instagram, and X-vital for announcements and fan engagement-are increasingly "high-risk entry points for fraud and brand damage," with AI making impersonations harder to spot and scams more effective.
The retail giant, often compared to Amazon for its dominance in South Korean e-commerce and logistics, last month revealed details of a data breach affecting close to 34 million people. The breach allegedly began in June but wasn't noticed until November, when Coupang initially said over 4,500 customers had their data stolen. The company later revised that figure dramatically upward.
Andravia and Harbadus - two nations so often at odds with one another - were once again embroiled in conflict over the past seven days, which thoroughly tested NATO's cybersecurity experts' ability to coordinate defenses across battlefield domains. Around 1,500 practitioners took part in the annual battle that engulfed the island of Occasus-Icebergen, all working together to remediate cyberattacks on critical systems, the effects of which influenced how land, sea, and air forces were able to respond.
The new app in the ServiceNow Store offers bidirectional, policy-driven backup and recovery orchestration directly within the ServiceNow AI Platform. Users get full auditability, real-time status synchronization, and compliance reporting. ServiceNow users can monitor, orchestrate, and automate Veeam-powered data protection without leaving the platform. With this app, Veeam is primarily targeting highly regulated sectors such as manufacturing, healthcare, pharmaceuticals, and finance. Companies that want to provide their teams with self-service data security and automation are also part of the target group.
The VS Code extensions masquerade as a premium dark theme and an artificial intelligence (AI)-powered coding assistant, but, in actuality, harbor covert functionality to download additional payloads, take screenshots, and siphon data. The captured information is then sent to an attacker-controlled server. "Your code. Your emails. Your Slack DMs. Whatever's on your screen, they're seeing it too," Koi Security's Idan Dardikman said. "And that's just the start. It also steals your WiFi passwords, reads your clipboard, and hijacks your browser sessions."
