August Patch Tuesday includes blasts from the (recent) past
Microsoft haul this month covers 109 CVEs… more or less
Microsoft haul this month covers 109 CVEs… more or less
Related
Interlock Ransomware Exploits Cisco FMC Zero-Day CVE-2026-20131 for Root Access
Amazon Threat Intelligence is warning of an active Interlock ransomware campaign that’s exploiting a recently disclosed critical security flaw in Cisco Secure Firewall Management Center (FMC) Software. The vulnerability in question is CVE-2026-20131 (CVSS score: 10.0), a case of insecure deserialization of user-supplied Java byte stream, which could allow an unauthenticated, remote attacker to
Malicious Go, npm Packages Deliver Cross-Platform Malware, Trigger Remote Data Wipes
Cybersecurity researchers have discovered a set of 11 malicious Go packages that are designed to download additional payloads from remote servers and execute them on both Windows and Linux systems. “At runtime the code silently spawns a shell, pulls a second-stage payload from an interchangeable set of .icu and .tech command-and-control (C2) endpoints, and executes…
Adversaries Are Toying With US Networks & DC Is Short on Answers
While nation-state actors are demonstrating how easily they can infiltrate US networks, government officials don’t seem to have a clear vision for what comes next.
Iran-Linked Hackers Target Europe With New Malware
“Nimbus Manticore” is back at it, this time with improved variants of its flagship malware and targets that are outside its usual focus area.
ChatGPT Health Raises Big Security, Safety Concerns
ChatGPT Health promises robust data protection, but elements of the rollout raise big questions regarding user security and safety.
Like SEO, LLMs May Soon Fall Prey to Phishing Scams
Just as attackers have used SEO techniques to poison search engine results, they could rinse and repeat with artificial intelligence and the responses LLMs generate from user prompts.