Treasury bureau notifies Congress that email hack was a ‘major’ cybersecurity incident
The Office of the Comptroller of the Currency has notified Congress that a February breach of its email system is classified as a major cybersecurity…
Latest Cybersecurity News — Page 2349
View all →
Who’s calling? The threat of AI-powered vishing attacks
Imagine receiving a call from a high-ranking official, urgently requesting a wire transfer to resolve a national crisis. This was the case for several wealthy…
Windows Active Directory Domain Vulnerability Let Attackers Escalate Privileges
Microsoft has disclosed a significant security vulnerability in Active Directory Domain Services that could allow attackers to elevate their privileges to the system level, potentially…
New Double-Edged Email Attack Steals Office 365 Credentials and Delivers Malware
Cybersecurity experts have uncovered a sophisticated phishing campaign that employs a double-edged tactic to compromise Office 365 credentials and deliver malware, posing significant risks to…
New AkiraBot Abuses OpenAI API to Spam Website Contact Forms
Cybersecurity researchers have identified a new spam campaign driven by ‘AkiraBot,’ an AI-powered bot that targets small business websites with customized promotional messages. AkiraBot, a…
Same Origin Policy | Daniel Miessler
One of the more important topics in web application security is the same origin policy. It is a browser-based defense mechanism that makes it so…
Q&A with Crowdsource hacker Gehaxelt
Detectify Crowdsource hacker Sebastian Neef, otherwise known as Gehaxelt, has an inspirational background in ethical hacking. Driven by curiosity, a sense of friendly competition, and…
Windows CLFS zero-day exploited in ransomware attacks
Dive Brief: Attackers are exploiting a zero-day vulnerability in the Windows Common Log File System to deploy ransomware against various targets, including information technology and…
Critical FortiSwitch flaw lets hackers change admin passwords remotely
Fortinet has released security patches for a critical vulnerability in its FortiSwitch devices that can be exploited to change administrator passwords remotely. The company says…
VMware Patches Multiple 47 Vulnerabilities VMware Tanzu Greenplum Backup & Components
VMware has released critical security updates to address 47 vulnerabilities across multiple VMware Tanzu Greenplum products, including 29 issues in VMware Tanzu Greenplum Backup and…
Windows Kerberos Vulnerability Enables Security Feature Bypass
Microsoft has disclosed a new security vulnerability in Windows operating systems, tracked as CVE-2025-29809. This flaw, classified with Important severity, impacts the Kerberos authentication protocol, potentially enabling attackers…
Hackers Claim Magento Breach via Third-Party, Leak CRM Data of 700K Users
A hacker using the alias “Satanic” claims Magento breach via third-party, leaks CRM data of more than 700,000 users, including emails, phone numbers, and company…