CSO Online

Hackers exploit critical PTC Windchill PLM software flaw

The popular product lifecycle management platform is under active exploitation for an RCE vulnerability that could put ...

A $2.5 Billion Whodunit: The Hack That Dented the U.K. Economy

A loose collective of cybercriminals initially took credit for crippling Jaguar Land Rover last year. Investigators now see ...
Dark Reading

In Less Than 24 Hours, Attackers Weaponize Cisco CUCM Flaw

The flaw enables server-side request forgery (SSRF) and escalates privileges to root, impacting Cisco Unified CM and Unified ...

Russia allegedly used a forensics platform to hack an activist's phone, despite having its access cut off

The Russian government reportedly used the Cellebrite digital forensics platform to hack into the phone of a political ...
SecurityWeek

Exploitable CI/CD Vulnerabilities Expose Millions of Repositories to Hijacking

Cordyceps, a systemic class of exploitable CI/CD vulnerabilities, allows unauthenticated attackers to hijack developer ...
SecurityWeek

macOS Weaknesses Chained to Silently Disable Endpoint Security Agents

A macOS attack technique allows a standard, non-administrative user account to silently disable enterprise endpoint security ...
Dark Reading

Apple's MacOS Gap Lets Users Disable Security Tools

Attackers can exploit the issue to disable security and integrated browser tools without needing administrator privileges or ...
ITWeb Africa

How attackers exploit malicious, vulnerable software libraries to launch stealth attacks

Companies must be capable of detecting malicious DLLs and vulnerabilities in software libraries to prevent early-stage ...
The Hacker News

GitHub Updates actions/checkout to Block Common Pwn Request Attack Patterns

GitHub’s actions/checkout v7 now blocks risky fork PR checkouts in privileged workflows to reduce common pwn request attacks.
Homeland Security Today

New Exploit Bypasses Apple’s Boot Defenses, Affects Millions of iPhones

European cybersecurity research firm Paradigm Shift has disclosed details of a new BootROM exploit that affects millions of ...
Windows Report

OpenAI Expands Daybreak With GPT-5.5-Cyber and New Security Tools

OpenAI has unveiled a major expansion of its Daybreak cybersecurity initiative, introducing new AI-powered tools, ...
InfoWorld

OpenAI rolls out AI-led push to fix open-source software flaws

Patch the Planet’ pairs automated analysis with expert review to uncover and remediate vulnerabilities in core infrastructure ...