SecurityWeek

Critical Grandstream Phone Vulnerability Exposes Calls to Interception

A critical vulnerability affecting Grandstream’s GXP1600 series phones could allow threat actors to intercept calls.

‘Resurge’ malware can remain undetected on devices

The malware can remain undetected on a system until a threat actor initiates a connection with the compromised device, a CISA spokesperson told Cybersecurity Dive. CISA does not know of other CVEs ...

Anthropic's Claude Code Security is available now after finding 500+ vulnerabilities: how security leaders should respond

Anthropic's Claude Opus 4.6 surfaced 500+ high-severity vulnerabilities that survived decades of expert review. Fifteen days ...
Microsoft

AI as tradecraft: How threat actors operationalize AI

Threat actors are operationalizing AI to scale and sustain malicious activity, accelerating tradecraft and increasing risk for defenders, as illustrated by recent activity from North Korean groups ...

Chinese state hackers target telcos with new malware toolkit

A China-linked advanced persistent threat actor tracked as UAT-9244 has been targeting telecommunication service providers in South America since 2024, compromising Windows, Linux, and network-edge ...

Cisco warns of max severity Secure FMC flaws giving root access

Cisco has released security updates to patch two maximum-severity vulnerabilities in its Secure Firewall Management Center (FMC) software.

New AirSnitch attack bypasses Wi-Fi encryption in homes, offices, and enterprises

Unlike previous Wi-Fi attacks, AirSnitch exploits core features in Layers 1 and 2 and the failure to bind and synchronize a ...