Critical flaw in FortiClient EMS under exploitation
Fortinet released an emergency hotfix after security researchers discovered the vulnerability being exploited as a zero-day. Source link
Category: CyberSecurityDive
Hims & Hers says limited data stolen in social engineering attack
The telehealth provider said hackers gained access to a third-party customer service platform, but medical records remained secure. Source link
Researchers warn of critical flaws in Progress ShareFile
Attackers could chain vulnerabilities together, leading to configuration changes or remote code execution. Source link
Trump’s FY2027 budget again targets CISA
The White House reiterated accusations about CISA’s counter-misinformation work to justify a major proposed reduction. Source link
Retail and hospitality CISOs expect budget growth, new AI headaches and opportunities
More than eight in 10 security leaders in the sector say they’ve rolled out an AI governance framework to some degree, a new survey found.…
Critical flaw in F5 BIG-IP faces wide exploitation risk
The company revised a security advisory as newly disclosed information heightens the potential impact. Source link
Iran-linked actors target Middle Eastern city governments to undermine missile-strike responses
Hackers associated with the Iranian government are trying to make it harder for cities in Israel and the Gulf states to respond to Iranian missile…
Axios open-source library targeted in sophisticated supply chain attack
Researchers link the compromise to a North Korean adversary and warn the impacts could be wide ranging. Source link
Cybersecurity risks shape AI adoption, but investment accelerates nonetheless
Companies see cybersecurity as a top investment priority within their AI budgets, according to KPMG. Source link
Iran actors’ claims raise questions about larger cyber threat to US, allies
Questions are being raised about the veracity and tactics of Iran-linked actors, amid claims that a large trove of Lockheed Martin data is on the…
‘Missed opportunity’: US government’s absence from RSAC Conference leaves stark void
The Trump administration’s decision to not attend the world’s biggest cybersecurity conference sent the wrong message to partners, experts said. Source link
Stryker restores most manufacturing after cyberattack
The medtech company has been working to restore manufacturing, ordering and shipping operations since it was hit by a cyberattack on March 11. Source link