Topic: attack vectors

  • Perplexity Comet Browser Flaw Exposed Users to System Attacks

    Security researchers discovered a critical vulnerability in Perplexity's Comet browser, where its MCP API allowed built-in extensions to execute commands on the user's operating system, bypassing standard browser protections. The flaw could enable attackers to take control of devices or deploy ma...

  • CISA Mandates Federal Patch for Actively Exploited Geoserver Flaw

    CISA has mandated federal agencies to patch a critical, actively exploited vulnerability (CVE-2025-58360) in GeoServer that allows attackers to steal files via unauthenticated XML injection. The vulnerability affects GeoServer versions 2.26.1 and earlier, and federal agencies are legally required...

  • Apple Offers $2 Million Bounty for Zero-Click Exploits

    Apple is dramatically increasing its security bounty rewards, now offering up to $2 million for zero-click exploit chains and potential bonuses that could push payouts over $5 million, targeting vulnerabilities in its latest software and hardware. The program enhancements, including new reward ca...

  • How Hackers Poison AI and How to Stop Them

    Cybercriminals are leveraging AI to create sophisticated spam, malicious code, and phishing campaigns, while also directly targeting AI systems to exploit vulnerabilities. Attackers use AI to refine deceptive communications through A/B testing and exploit AI assistants and security tools, leading...

  • Tenable Uncovers Critical Google Gemini AI Flaws That Risked User Data

    Tenable Research uncovered three critical security flaws in Google's Gemini AI, known as the Gemini Trifecta, which allowed attackers to manipulate the AI and steal sensitive user data without direct system access. The vulnerabilities affected components like Gemini Cloud Assist, Search Personali...

  • Chinese Mustang Panda Hackers Use CoolClient Backdoor to Spread Infostealers

    Mustang Panda has deployed an updated CoolClient backdoor with enhanced capabilities to steal browser credentials and clipboard data, targeting government entities across Asia and beyond. The malware uses new distribution methods, compromising legitimate software for initial access, and introduce...

  • Secure Your Windows Environments with Runtime CNAPP

    Sweet Security has expanded its Runtime CNAPP sensor to include comprehensive protection for Windows cloud environments, offering visibility, threat detection, and automated investigation capabilities previously limited to Linux. The Windows sensor is engineered for cloud deployment using Rust, m...

  • Hackers Ditch Encryption, Focus on Data Theft and Extortion

    Cybercriminals are increasingly shifting from ransomware to "encryptionless" extortion, stealing and threatening to release data without locking files, which bypasses traditional defenses. The primary attack methods involve exploiting unpatched software vulnerabilities and supply chain weaknesses...

  • OpenAI's ChatGPT Defense: Why Safety Isn't Guaranteed

    OpenAI acknowledges that complete security for its AI-powered Atlas browser may be impossible, highlighting a core tension where the tools' useful capabilities also create significant new cyberattack risks. To proactively find vulnerabilities, OpenAI uses an AI-based automated attacker that simul...

  • Ransomware Profits Plummet as Victims Refuse to Pay

    Ransomware payment rates have hit a record low of 23%, driven by improved corporate defenses and pressure from authorities not to pay cybercriminals. Attackers are increasingly using "double extortion" tactics, with data theft involved in over 76% of incidents, though payment rates for such attac...

  • Cybersecurity Crisis: 2 in 3 Companies Face Staff Shortages

    Nearly two-thirds of companies face unfilled cybersecurity positions, creating critical vulnerabilities due to slow hiring and sophisticated threats, while 55% still operate with insufficient staff. A disconnect exists between security teams and leadership, with only 56% of professionals believin...

  • Exploit in Default Cursor Setting Runs Malicious Code on Dev Machines

    A security flaw in the Cursor AI code editor allows attackers to execute malicious code silently because the Workspace Trust feature is disabled by default. Exploitation can lead to credential theft, file manipulation, and data exfiltration, especially risky given developers' elevated system privil...

  • Nozomi Networks' Arc Release Boosts OT Security

    Nozomi Networks has upgraded its Arc platform to include automated threat prevention for operational technology, enabling active defense of critical infrastructure without downtime. The enhancement introduces flexible prevention modes, OT-focused threat intelligence, and seamless integration with...

  • CISA Mandates Urgent Patch for Actively Exploited Gogs Flaw

    A critical remote code execution flaw (CVE-2025-8110) in Gogs is being actively exploited, allowing attackers to run arbitrary commands by manipulating Git configuration files. CISA has mandated all federal agencies to patch the vulnerability by February 2026, as over 1,400 public Gogs servers ar...

  • Acronis Adds Patch Management to Backup Software

    Acronis True Image 2026 integrates backup, security, and patch management into a single application, featuring automated Windows patching and AI-driven threat detection for enhanced cyber protection. The platform offers advanced cybersecurity features like anti-ransomware capabilities and protect...

  • Nozomi Networks Automates Critical Infrastructure Cybersecurity

    Nozomi Networks has launched automated threat prevention in its Nozomi Arc platform, providing the industry's first safe, automated response solution tailored for operational technology environments. The platform offers flexible prevention modes, integrates OT-specific threat intelligence, and se...

  • CISA Mandates Federal Patch for Actively Exploited MongoBleed Flaw

    A critical vulnerability in MongoDB, tracked as CVE-2025-14847 and dubbed MongoBleed, is being actively exploited to remotely steal sensitive data like credentials and logs from unpatched servers. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has mandated federal agencies to pa...
