SAP Patches Critical S/4HANA Vulnerability
SAP has released 15 new security notes on the August 2025 Patch Tuesday, including for critical vulnerabilities. The post SAP Patches Critical S/4HANA Vulnerability appeared first on SecurityWeek.
The “Incriminating Video” Scam
A few years ago, scammers invented a new phishing email. They would claim to have hacked your computer, turned your webcam on, and videoed you watching porn or having sex. BuzzFeed has an article talking about a “shockingly realistic” variant, which includes photos of you and your house—more specific information.Read More »The “Incriminating Video” Scam
The Ultimate Battle: Enterprise Browsers vs. Secure Browser Extensions
Most security tools can’t see what happens inside the browser, but that’s where the majority of work, and risk, now lives. Security leaders deciding how to close that gap often face a choice: deploy a dedicated Enterprise Browser or add an enterprise-grade control layer to the browsers employees already useRead More »The Ultimate Battle: Enterprise Browsers vs. Secure Browser Extensions
OT Networks Targeted in Widespread Exploitation of Erlang/OTP Vulnerability
The recently patched Erlang/OTP flaw CVE-2025-32433 has been exploited since early May, shortly after its existence came to light. The post OT Networks Targeted in Widespread Exploitation of Erlang/OTP Vulnerability appeared first on SecurityWeek.
Dutch NCSC Confirms Active Exploitation of Citrix NetScaler CVE-2025-6543 in Critical Sectors
The Dutch National Cyber Security Centre (NCSC-NL) has warned of cyber attacks exploiting a recently disclosed critical security flaw impacting Citrix NetScaler ADC products to breach organizations in the country. The NCSC-NL said it discovered the exploitation of CVE-2025-6543 targeting several critical organizations within the Netherlands, and that investigations areRead More »Dutch NCSC Confirms Active Exploitation of Citrix NetScaler CVE-2025-6543 in Critical Sectors
Average Cyber Budget Reaches 5 Year Low, CISOs Discuss
Cyber budgets have reached the lowest growth rate in five years, with only 47% of CISOs reporting a budget increase this year.
New Ransomware Charon Uses Earth Baxia APT Techniques to Target Enterprises
We uncovered a campaign that makes use of Charon, a new ransomware family, and advanced APT-style techniques to target organizations with customized ransom demands.
New TETRA Radio Encryption Flaws Expose Law Enforcement Communications
Cybersecurity researchers have discovered a fresh set of security issues in the Terrestrial Trunked Radio (TETRA) communications protocol, including in its proprietary end-to-end encryption (E2EE) mechanism that exposes the system to replay and brute-force attacks, and even decrypt encrypted traffic. Details of the vulnerabilities – dubbed 2TETRA:2BURST – were presentedRead More »New TETRA Radio Encryption Flaws Expose Law Enforcement Communications
Researchers Spot Surge in Erlang/OTP SSH RCE Exploits, 70% Target OT Firewalls
Malicious actors have been observed exploiting a now-patched critical security flaw impacting Erlang/Open Telecom Platform (OTP) SSH as early as beginning of May 2025, with about 70% of detections originating from firewalls protecting operational technology (OT) networks. The vulnerability in question is CVE-2025-32433 (CVSS score: 10.0), a missing authentication issueRead More »Researchers Spot Surge in Erlang/OTP SSH RCE Exploits, 70% Target OT Firewalls
Chrome Sandbox Escape Earns Researcher $250,000
A researcher has been given the highest reward in Google’s Chrome bug bounty program for a sandbox escape with remote code execution. The post Chrome Sandbox Escape Earns Researcher $250,000 appeared first on SecurityWeek.