Apache Tika CVE Expands To Critical Multi-Module Flaw
A security issue disclosed in the Apache Tika document-processing framework has proved broader and more serious than first believed. The project’s maintainers have issued a new advisory…
Category: DarkReading
Prompt Injection Harder To Stop Than SQL Injection
The UK’s National Cyber Security Centre (NCSC) has issued a fresh warning about the growing threat of prompt injection, a vulnerability that has quickly become…
AI Browsers ‘Too Risky For General Adoption,’ Gartner Warns
AI browsers may be innovative, but they’re “too risky for general adoption by most organizations,” Gartner warned in a recent advisory to clients. The 13-page…
Ransomware Payments Fell After Law Enforcement Actions
U.S. companies made more than $2 billion in ransomware payments between 2022 and 2024, nearly equaling the total ransoms paid in the previous nine years,…
Barts Health Data Breach Confirmed As Cl0p Attack
Barts Health NHS Trust has confirmed that the data breach at Barts Health was carried out by the Russian-speaking Cl0p ransomware group, which exploited a…
Google, Apple Warn Users Of Growing Spyware Threats
Google and Apple have released new global cyber threat notifications, alerting users across dozens of countries to potential targeting by state-linked hackers. The latest warnings…
JPCERT Warns Of Array AG Attacks
The Japan Computer Emergency Response Team Coordination Center (JPCERT/CC) has confirmed that a command injection vulnerability affecting Array Networks AG Series secure access gateways has been actively…
React2Shell Bug Exploited Within Hours Of Disclosure
The cycle of vulnerability disclosure and weaponization has shattered records once again. According to a new threat intel from Amazon Web Services (AWS), state-sponsored hacking…
Leaked Files Expose Intellexa’s Remote Access To Customer Systems And Live Surveillance Ops
Intellexa staff members connected directly to at least 10 deployed Predator customer systems using TeamViewer commercial remote administration software, a leaked 2023 internal training session…
Former Student Charged In Western Sydney University Cyberattack
A former student has been charged over an extended series of security breaches linked to the Western Sydney University cyberattack that has affected the institution…
CISA Warns PRC Hackers Target VMware With BRICKSTORM Malware
U.S. and Canadian cybersecurity agencies are warning that China-sponsored threat actors are using BRICKSTORM malware to compromise VMware vSphere environments. “Once compromised, the cyber actors…
Sanctioned Spyware Vendor Used IOS Zero-Day Exploit Chain Against Egyptian Targets
Google Threat Intelligence Group discovered a full iOS zero-day exploit chain deployed in the wild against targets in Egypt, revealing how sanctioned commercial surveillance vendor…