Cybersecurity

The timeline in the "SEC Consult SA-20250611-0 :: Undocumented Root Shell Access on SIMCom SIM7600G Modem" advisory is mind blowing:

https://seclists.org/fulldisclosure/2025/Jun/17

#CVE_2025_26412 #infosec #cybersecurity #vulnerability

New #Veeam RCE flaw lets domain users hack backup servers

https://www.bleepingcomputer.com/news/security/new-veeam-rce-flaw-lets-domain-users-hack-backup-servers/

#cybersecurity

#Sitecore #CMS exploit chain starts with hardcoded 'b' password

https://www.bleepingcomputer.com/news/security/sitecore-cms-exploit-chain-starts-with-hardcoded-b-password/

#cybersecurity

Hackers switch to targeting U.S. #insurance companies

https://www.bleepingcomputer.com/news/security/google-warns-scattered-spider-hackers-now-target-us-insurance-companies/

#cybersecurity

Think Twice Before You Click ‘Unsubscribe’

https://www.msn.com/en-us/public-safety-and-emergencies/health-and-safety-alerts/think-twice-before-you-click-unsubscribe/ar-AA1GoBBj

#cybersecurity

#WindowsHello face unlock no longer works in the dark, and #Microsoft says it's not a bug

https://www.windowscentral.com/software-apps/windows-11/windows-hello-face-unlock-no-longer-works-in-the-dark-and-microsoft-says-its-not-a-bug

#biometrics #cybersecurity

📢 European #cybersecurity is evolving! Explore how the #CRA & #NIS2 will affect small to medium #opensource vendors at the #openSUSE Conference.
✅ Legal alignment
✅ Risk response
✅ Community readiness
🗓️ June 26 | Nuremberg
#opensource #compliance #EU #regulations https://events.opensuse.org/

Researchers Create World's First Completely Verifiable Random Number Generator

https://science.slashdot.org/story/25/06/16/1656252/researchers-create-worlds-first-completely-verifiable-random-number-generator

#cybersecurity #randomness

As #grocery shortages persist, #UNFI says it’s recovering from #cyberattack

https://techcrunch.com/2025/06/16/food-distributor-unfi-says-its-recovering-from-cyberattack-as-grocery-shortages-persist/

#cybersecurity

#KaliLinux 2025.2 released with 13 new tools, car hacking updates

https://www.bleepingcomputer.com/news/security/kali-linux-20252-released-with-13-new-tools-car-hacking-updates/

#cybersecurity #FOSS #Kali #Linux

#Zoomcar discloses security breach impacting 8.4 million users

https://www.bleepingcomputer.com/news/security/zoomcar-discloses-security-breach-impacting-84-million-users/

#cybersecurity #DataBreach #privacy

Over 46,000 #Grafana instances exposed to account takeover bug

https://www.bleepingcomputer.com/news/security/over-46-000-grafana-instances-exposed-to-account-takeover-bug/

#cybersecurity

#WestJet investigates #cyberattack disrupting internal systems

https://www.bleepingcomputer.com/news/security/westjet-investigates-cyberattack-disrupting-internal-systems/

#cybersecurity #travel #Canada

#Anubis #ransomware adds wiper to destroy files beyond recovery

https://www.bleepingcomputer.com/news/security/anubis-ransomware-adds-wiper-to-destroy-files-beyond-recovery/

#cybersecurity

According to a new report, there are 13 China-owned VPN apps in the Apple App Store. None of them clearly disclose their links to China, and some use shell companies to hide their origin.

There are similar problems in Android's Google Play store.

Would you trust your internet traffic to a company that can be compelled to share its user data with the Chinese government?

Don't you think Apple and Google should be protecting their users better?

#cybersecurity #vpn #privacy

Genetic testing company 23andMe has sold itself to a nonprofit led by the company’s former CEO Anne Wojcicki. @Techcrunch reports:

https://flip.it/bhw2IJ

#Tech #23AndMe #BioTech #Health #CyberSecurity

Help Us Shape the New #Filen Hub – We Want Your Feedback!

https://blog.filen.io/help-us-shape-the-new-filen-hub-we-want-your-feedback/

#FOSS #cybersecurity

Introducing premium accounts to fund the matrix(dot)org homeserver

https://matrix.org/blog/2025/06/funding-homeserver-premium/

#FOSS #Matrix #cybersecurity #privacy

#Microsoft confirms auth issues affecting #Microsoft365 users

https://www.bleepingcomputer.com/news/microsoft/microsoft-confirms-auth-issues-affecting-microsoft-365-users/

#cybersecurity

"- A company owned by a Russian network engineer named Vladimir Vedeneev controls thousands of Telegram IP addresses and maintains its servers.

• Vedeneev’s other companies have a history of collaborating with Russia’s defense sector, the FSB security service, and other highly sensitive agencies.

• Because of the way Telegram’s encryption protocols work, even users who use its “end-to-end” encryption features are vulnerable to being tracked by anyone who can monitor its network traffic."

https://www.occrp.org/en/investigation/telegram-the-fsb-and-the-man-in-the-middle

#CyberSecurity #Privacy #Telegram #Russia #Encryption #FSB

#VictoriasSecret restores critical systems after #cyberattack

https://www.bleepingcomputer.com/news/security/victorias-secret-restores-critical-systems-after-cyberattack/

#cybersecurity

"As AI agents powered by Large Language Models (LLMs) become increasingly versatile and capable of addressing a broad spectrum of tasks, ensuring their security has become a critical challenge. Among the most pressing threats are prompt injection attacks, which exploit the agent’s resilience on natural language inputs — an especially dangerous threat when agents are granted tool access or handle sensitive information. In this work, we propose a set of principled design patterns for building AI agents with provable resistance to prompt injection. We systematically analyze these patterns, discuss their trade-offs in terms of utility and security, and illustrate their real-world applicability through a series of case studies."

https://arxiv.org/html/2506.08837v2

#AI #GenerativeAI #LLMs #PromptInjection #AIAgents #AgenticAI #CyberSecurity

#Cloudflare: Outage not caused by security incident, data is safe

https://www.bleepingcomputer.com/news/security/cloudflare-outage-not-caused-by-security-incident-data-is-safe/

#cybersecurity

#Signalgate 2.0 proves it - there’s no such thing as a “Backdoor for the Good Guys Only”

https://tuta.com/blog/opinion-signalgate

#cybersecurity #encryption

Coming to #Apple OSes: A seamless, secure way to import and export #passkeys

https://arstechnica.com/security/2025/06/apple-previews-new-import-export-feature-to-make-passkeys-more-interoperable/

#cybersecurity