New GeminiJack 0-Click Flaw in Google AI Exposed Users to Data Leaks
09
Dec
2025

New GeminiJack 0-Click Flaw in Gemini AI Exposed Users to Data Leaks – Hackread – Cybersecurity News, Data Breaches, Tech, AI, Crypto and More

A major security flaw, dubbed GeminiJack, was recently discovered by cybersecurity firm Noma Security in Google’s Gemini Enterprise and the…

Storm-0249 Escalates Ransomware Attacks with ClickFix, Fileless PowerShell, and DLL Sideloading
09
Dec
2025

Storm-0249 Escalates Ransomware Attacks with ClickFix, Fileless PowerShell, and DLL Sideloading

Dec 09, 2025Ravie LakshmananRansomware / Endpoint Security The threat actor known as Storm-0249 is likely shifting from its role as…

How Chinese-owned Radisson Hotel Group split US enterprise resource planning
09
Dec
2025

How Chinese-owned Radisson Hotel Group split US enterprise resource planning

Among the interesting discussions taking place during this year’s annual UKISUG 25 conference was how much SAP customisation is actually…

Critical Emby Server Vulnerability Let Attackers Gain Admin Access
09
Dec
2025

Critical Emby Server Vulnerability Let Attackers Gain Admin Access

A critical vulnerability has been discovered in Emby Server that allows unauthenticated attackers to gain full administrative access to affected…

Malicious VS Code on Microsoft Registry Steals WiFi Passwords and Captures Screens
09
Dec
2025

Malicious VS Code on Microsoft Registry Steals WiFi Passwords and Captures Screens

Security researchers at Koi Security have uncovered a sophisticated malware campaign targeting developers through the Visual Studio Code Marketplace. The…

A set of hands types onto a laptop keyboard, viewed from above. The words "Prompt" and "Generate" appear at the top of the image.
09
Dec
2025

Prompt injection is a problem that may never be fixed, warns NCSC

Prompt injection is shaping up to be one of the most stubborn problems in AI security, and the UK’s National…

Digital sovereignty about outcomes, not theoretical ideals
09
Dec
2025

Digital sovereignty about outcomes, not theoretical ideals

The conversation around digital sovereignty is gaining momentum worldwide. In today’s climate of geopolitical uncertainty and technological competition, it is…

Exploiting Logic Flaws: Advanced Exploitation Guide
09
Dec
2025

Exploiting Logic Flaws: Advanced Exploitation Guide

It’s no secret that complexity is the biggest rival of safe applications. As web apps become more sophisticated, they create…

New Prompt Injection Attack via Malicious MCP Servers Let Attackers Drain Resources
09
Dec
2025

New Prompt Injection Attack via Malicious MCP Servers Let Attackers Drain Resources

Security researchers have uncovered critical vulnerabilities in the Model Context Protocol (MCP) sampling feature. Revealing how malicious servers can exploit…

New Vishing Attack Exploits Microsoft Teams and QuickAssist to Deploy .NET Malware
09
Dec
2025

New Vishing Attack Exploits Microsoft Teams and QuickAssist to Deploy .NET Malware

A sophisticated vishing campaign has emerged that combines social engineering with legitimate Microsoft tools to establish command execution chains leading…

Global Costs of Software Supply Chain Attacks On The Rise
09
Dec
2025

Global Costs of Software Supply Chain Attacks On The Rise

09 Dec Global Costs of Software Supply Chain Attacks On The Rise Posted at 08:33h in Blogs by Taylor Fox…

New Black Kite module offers product-level insight into software supply chain vulnerabilities
09
Dec
2025

New Black Kite module offers product-level insight into software supply chain vulnerabilities

Black Kite released its new Product Analysis module, which allows security teams to evaluate the risks of third-party software products…