Skip to content
Warning: Beware of Android Spyware Disguised as Signal Encryption Plugin and ToTok Pro

Warning: Beware of Android Spyware Disguised as Signal Encryption Plugin and ToTok Pro

Cybersecurity researchers have discovered two Android spyware campaigns dubbed ProSpy and ToSpy that impersonate apps like Signal and ToTok to target users in the United Arab Emirates (U.A.E.). Slovak cybersecurity company ESET said the malicious apps are distributed via fake websites and social engineering to trick unsuspecting users into downloadingRead More »Warning: Beware of Android Spyware Disguised as Signal Encryption Plugin and ToTok Pro

1.5 Million Impacted by Allianz Life Data Breach

In July, hackers stole files containing names, addresses, dates of birth, and Social Security numbers from a cloud-based CRM. The post 1.5 Million Impacted by Allianz Life Data Breach appeared first on SecurityWeek.

New WireTap Attack Extracts Intel SGX ECDSA Key via DDR4 Memory-Bus Interposer

New WireTap Attack Extracts Intel SGX ECDSA Key via DDR4 Memory-Bus Interposer

In yet another piece of research, academics from Georgia Institute of Technology and Purdue University have demonstrated that the security guarantees offered by Intel’s Software Guard eXtensions (SGX) can be bypassed on DDR4 systems to passively decrypt sensitive data. SGX is designed as a hardware feature in Intel server processorsRead More »New WireTap Attack Extracts Intel SGX ECDSA Key via DDR4 Memory-Bus Interposer

OneLogin Bug Let Attackers Use API Keys to Steal OIDC Secrets and Impersonate Apps

OneLogin Bug Let Attackers Use API Keys to Steal OIDC Secrets and Impersonate Apps

A high-severity security flaw has been disclosed in the One Identity OneLogin Identity and Access Management (IAM) solution that, if successfully exploited, could expose sensitive OpenID Connect (OIDC) application client secrets under certain circumstances. The vulnerability, tracked as CVE-2025-59363, has been assigned a CVSS score of 7.7 out of 10.0.Read More »OneLogin Bug Let Attackers Use API Keys to Steal OIDC Secrets and Impersonate Apps

Learn How Leading Security Teams Blend AI + Human Workflows (Free Webinar)

Learn How Leading Security Teams Blend AI + Human Workflows (Free Webinar)

AI is changing automation—but not always for the better. That’s why we’re hosting a new webinar, “Workflow Clarity: Where AI Fits in Modern Automation,” with Thomas Kinsella, Co-founder & Chief Customer Officer at Tines, to explore how leading teams are cutting through the hype and building workflows that actually deliver.TheRead More »Learn How Leading Security Teams Blend AI + Human Workflows (Free Webinar)

Red Hat OpenShift AI Flaw Exposes Hybrid Cloud Infrastructure to Full Takeover

Red Hat OpenShift AI Flaw Exposes Hybrid Cloud Infrastructure to Full Takeover

A severe security flaw has been disclosed in the Red Hat OpenShift AI service that could allow attackers to escalate privileges and take control of the complete infrastructure under certain conditions. OpenShift AI is a platform for managing the lifecycle of predictive and generative artificial intelligence (GenAI) models at scaleRead More »Red Hat OpenShift AI Flaw Exposes Hybrid Cloud Infrastructure to Full Takeover

Copyright © 2026 infosecintel.net