How Outer Space Became the Next Big Attack Surface
VisionSpace Technologies’ Andrzej Olchawa and Milenko Starcik discussed a set of vulnerabilities capable of ending space missions at the Black Hat USA 2025 News Desk.
-
-
Incode Acquires AuthenticID to Enhance AI-Driven Identity Verification
The combination of Incode’s AI models and AuthenticID’s experience running identity programs at scale in regulated environments will provide customers with holistic fraud signal analysis, multi-modal intelligence, real-time personhood verification, and advanced deepfake detection.
-
DOM-Based Extension Clickjacking Exposes Popular Password Managers to Credential and Data Theft
Popular password manager plugins for web browsers have been found susceptible to clickjacking security vulnerabilities that could be exploited to steal account credentials, two-factor authentication (2FA) codes, and credit card details under certain conditions. The technique has been dubbed Document Object Model (DOM)-based extension clickjacking by independent security researcher Marek Tóth,
-
Threat Intelligence Executive Report – Volume 2025, Number 4
This issue of the Counter Threat Unit’s high-level bimonthly report discusses noteworthy updates in the threat landscape during May and June
-
FBI Warns FSB-Linked Hackers Exploiting Unpatched Cisco Devices for Cyber Espionage
A Russian state-sponsored cyber espionage group known as Static Tundra has been observed actively exploiting a seven-year-old security flaw in Cisco IOS and Cisco IOS XE software as a means to establish persistent access to target networks. Cisco Talos, which disclosed details of the activity, said the attacks single out organizations in telecommunications, higher education…
-
Taegis MDR/XDR now work with Sophos Firewall’s Active Threat Response
Response times go from hours or days to seconds.
-
Europe’s Ransomware Surge Is a Warning Shot for US Defenders
We can strip attackers of their power by implementing layered defenses, ruthless patch management, and incident response that assumes failure and prioritizes transparency.
-
Hacker Finds Flaws in McDonald’s Staff, Partner Hubs
Exposure of APIs, sensitive data, and corporate documents are just some of the security issues that the purveyor of Big Macs was cooking up.
-
Experts Find AI Browsers Can Be Tricked by PromptFix Exploit to Run Malicious Hidden Prompts
Cybersecurity researchers have demonstrated a new prompt injection technique called PromptFix that tricks a generative artificial intelligence (GenAI) model into carrying out intended actions by embedding the malicious instruction inside a fake CAPTCHA check on a web page. Described by Guardio Labs an “AI-era take on the ClickFix scam,” the attack technique demonstrates how AI-driven…
-
🕵️ Webinar: Discover and Control Shadow AI Agents in Your Enterprise Before Hackers Do
Do you know how many AI agents are running inside your business right now? If the answer is “not sure,” you’re not alone—and that’s exactly the concern. Across industries, AI agents are being set up every day. Sometimes by IT, but often by business units moving fast to get results. That means agents are running…