Employees are quietly bringing AI to work and leaving security behind
While IT departments race to implement AI governance frameworks, many employees have already opened a backdoor for AI, according to...
Read more →Author: Cybernoz
Palo Alto Networks GlobalProtect Vulnerability Enabling Root-Level Access
Palo Alto Networks has disclosed a significant security vulnerability in its Autonomous Digital Experience Manager software that could allow attackers...
Read more →
New infosec products of the week: July 11, 2025
Here’s a look at the most interesting products from the past week, featuring releases from Barracuda Networks, Cynomi, Lepide, Tosibox,...
Read more →
Investcorp establishes a fund to support an Italian cybersecurity firm.
Investcorp to provide backing for Sababa Fund supported by Hayfin and Coller Sababa aims for expansion in the Middle East...
Read more →
Comment Period Extension for NIST HPC Security Overlay
The initial public draft (IPD) of NIST Special Publication (SP) 800-234, High-Performance Computing (HPC) Security Overlay, is available for public comment...
Read more →
McDonald’s AI Hiring Tool McHire Leaked Data of 64 Million Job Seekers
Major security flaw in McDonald’s AI hiring tool McHire exposed 64M job applications. Discover how an IDOR vulnerability and weak...
Read more →
McDonald’s McHire Vulnerability Leaked Data of 64 Million Job Seekers
Major security flaw in McDonald’s McHire platform exposed 64M job applications. Discover how an IDOR vulnerability and weak default credentials...
Read more →
Hackers Exploit GitHub to Distribute Malware Disguised as VPN Software
CYFIRMA has discovered a sophisticated cyberattack campaign in which threat actors are using GitHub to host and disseminate malware masquerading...
Read more →
New ZuRu Malware Variant Attacking macOS Users Via Weaponized Termius App
A sophisticated new variant of the macOS.ZuRu malware has emerged, targeting macOS users through a weaponized version of the popular...
Read more →
DHS Tells Police That Common Protest Activities Are ‘Violent Tactics’
DHS’s risk-based approach reflects a broader shift in US law enforcement shaped by post-9/11 security priorities—one that elevates perceived intent...
Read more →
Schneider Electric Flaws Expose Systems to OS Command Injection Attacks
Schneider Electric, a global leader in industrial technology and sustainability, has issued a critical security notification revealing multiple vulnerabilities in...
Read more →
UK police arrest four over cyberattacks on M&S, Co-op and Harrods
Four people under 21 have been arrested as part of a police investigation into cyberattacks that disrupted the operations of...
Read more →