The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Thursday added a critical security flaw impacting Dassault Systèmes DELMIA Apriso Manufacturing Operations Management (MOM) software to its Known Exploited Vulnerabilities (KEV) catalog, based on evidence of active exploitation. The vulnerability, tracked as CVE-2025-5086, carries a CVSS score of 9.0 out of 10.0. According to
The security landscape for cloud-native applications is undergoing a profound transformation. Containers, Kubernetes, and serverless technologies are now the default for modern enterprises, accelerating delivery but also expanding the attack surface in ways traditional security models can’t keep up with. As adoption grows, so does complexity. Security teams are asked to monitor sprawling hybrid
FortiGuard Labs’ network telemetry has observed active exploitation of known vulnerabilities in Drupal Core and the WP-Automatic WordPress plugin for initial access. Following compromise, attackers deploy multiple web shells and utilities to enable lateral movement, privilege escalation, and the installation of remote access trojans (RATs).
A security weakness has been disclosed in the artificial intelligence (AI)-powered code editor Cursor that could trigger code execution when a maliciously crafted repository is opened using the program. The issue stems from the fact that an out-of-the-box security setting is disabled by default, opening the door for attackers to run arbitrary code on users’…
The data leak underscores the larger issue of proprietary or sensitive data being shared with GenAI by users who should know better.
By weaponizing the ThrottleStop.sys driver, attackers are disrupting antivirus and endpoint detection and response (EDR) systems.
Even when a vulnerability is serious and a fix is available, actually securing cars is more difficult than one would hope.
F5 plans to use CalypsoAI’s platform to provide real-time threat defense against attacks and help enterprises safeguard themselves as they adopt the latest AI technologies.
With legit sounding names, EvilAI’s “productivity” apps are reviving classic threats like Trojans while adding new evasion capabilities against modern antivirus defenses.
The pervasive Vidar infostealer has evolved with a suite of new evasion techniques and covert data exfiltration methods, according to researchers.