Cybernews

CISA flags actively exploited vulnerability of file transfer software used by US Air Force and Sony

Tracked as CVE-2025-47813, the security flaw allows threat actors with low privileges to discover the full local installation path of the application on unpatched servers ...
The Hacker News

AI Flaws in Amazon Bedrock, LangSmith, and SGLang Enable Data Exfiltration and RCE

DNS flaw in Amazon Bedrock and critical AI vulnerabilities expose data and enable RCE, risking breaches and infrastructure ...
Infosecurity Magazine

'CursorJack’ Attack Path Exposes Code Execution Risk in AI Development Environment

A method that could enable code execution through manipulated installation links in an AI development environment has been identified by security researchers. The technique, dubbed CursorJack by ...

Researchers disclose vulnerabilities in IP KVMs from four manufacturers

Researchers are warning about the risks posed by a low-cost device that can give insiders and hackers unusually broad powers ...
CSO Online

AWS Bedrock’s ‘isolated’ sandbox comes with a DNS escape hatch

BeyondTrust shows how AWS Bedrock AgentCore’s ‘isolated’ environment can be tricked into data exfiltration and command ...

Microsoft Issues Emergency Patch for Critical Windows 11 RRAS Vulnerabilities

Microsoft releases an out-of-band hotpatch for critical Windows 11 RRAS vulnerabilities that could allow remote code ...

CISA flags Wing FTP Server flaw as actively exploited in attacks

CISA warned U.S. government agencies to secure their Wing FTP Server instances against an actively exploited vulnerability ...
Microsoft

Help on the line: How a Microsoft Teams support call led to compromise

Read the new Microsoft Cyberattack Series report to learn more about on how deception and trusted tools can enable ...
WinBuzzer

GitHub: Glassworm Hides Malware in Invisible Unicode Across 151+ Repos

The Glassworm campaign has compromised over 151 GitHub repositories and npm packages using invisible Unicode payloads that ...

Chinese spy tech is endangering US hospitals. Texas is trying to shut that down

Texas Gov. Greg Abbott leads fight against Chinese medical devices after Food and Drug Administration warns of backdoors in ...

Microsoft blocking a Windows 11 & Server 2025 automatic installation feature0 0

Microsoft is blocking a method to deploy and automate Windows 11 and Server 2025 installations. The company has explained why ...

Why buying into Moltbook and OpenClaw may be Big Tech's most dangerous bet yet

Both Moltbook and OpenClaw are irredeemably insecure.  Whatever Meta and OpenAI paid, it was too much. Other, better programs ...