Browsing Tag
Vulnerability
1304 posts
EchoLeak Zero-Click AI Attack in Microsoft Copilot Exposes Company Data
Aim Labs uncovers EchoLeak, a zero-click AI flaw in Microsoft 365 Copilot that allows data theft via email. Learn how this vulnerability enables sensitive information exfiltration without user interaction and its implications for AI security.
US Tops List of Unsecured Cameras Exposing Homes and Offices
A BitSight report reveals over 40,000 internet-connected security cameras globally are exposed, streaming live footage without protection. Learn how common devices, from home cameras to factory surveillance, pose privacy and security risks and get simple tips to secure your own.
CISA Warns of Remote Control Flaws in SinoTrack GPS Trackers
The US CISA reports critical vulnerabilities in SinoTrack GPS devices that could let attackers remotely control vehicles and track locations. Discover the vulnerabilities and essential steps to secure your device.
Operation Secure: INTERPOL Disrupts 20,000 Infostealer Domains, 32 Arrested
INTERPOL disrupts 20,000 infostealer domains in major cybercrime crackdown across Asia-Pacific, 32 arrested, 216K victims notified in Operation Secure.
Salesforce Industry Cloud Hit by 20 Vulnerabilities Including 0days
AppOmni research reveals over 20 security vulnerabilities, including zero-days, in the Salesforce Industry Cloud. Learn about critical risks, customer responsibilities, and how to protect sensitive data.
June 2025 Patch Tuesday: Microsoft Fixes 66 Bugs, Including Active 0-Day
June 2025 Patch Tuesday fixes 66 bugs, including a zero-day in WebDAV. Update Windows, Office, and more now to block active threats.
Two Mirai Botnets, Lzrd and Resgod Spotted Exploiting Wazuh Flaw
Akamai's latest report reveals two Mirai botnets exploiting the critical CVE-2025-24016 flaw in Wazuh. Learn about these fast-spreading IoT threats and urgent patching advice.
Hidden Backdoors in npm Packages Let Attackers Wipe Entire Systems
Malicious npm packages found with hidden endpoints that wipe systems on command. Devs warned to check dependencies for express-api-sync, system-health-sync-api.
Hackers Using Fake IT Support Calls to Breach Corporate Systems, Google
A financially motivated group of hackers known as UNC6040 is using a simple but effective tactic to breach…
Popular Chrome Extensions Found Leaking Data via Unencrypted Connections
Popular Chrome extensions exposed user data by sending it over unencrypted HTTP, raising privacy concerns. Symantec urges caution for users.