The personal information of 167,000 individuals was compromised in an October 2024 data breach at Central Kentucky Radiology. The post Central Kentucky Radiology Data Breach Impacts 167,000 appeared first on SecurityWeek.
Two critical vulnerabilities in Cisco ISE could allow remote attackers to execute arbitrary code with root privileges. The post Critical Cisco ISE Vulnerabilities Allow Remote Code Execution appeared first on SecurityWeek.
An Iranian state-sponsored hacking group associated with the Islamic Revolutionary Guard Corps (IRGC) has been linked to a spear-phishing campaign targeting journalists, high-profile cyber security experts, and computer science professors in Israel. “In some of those campaigns, Israeli technology and cyber security professionals were approached by attackers who posed asRead More »Iranian APT35 Hackers Targeting Israeli Tech Experts with AI-Powered Phishing Attacks
25-year-old Kai West, believed to be the hacker IntelBroker, was arrested in France and charged by the United States. The post British Man Suspected of Being the Hacker IntelBroker Arrested, Charged appeared first on SecurityWeek.
Cybersecurity researchers are calling attention to a series of cyber attacks targeting financial organizations across Africa since at least July 2023 using a mix of open-source and publicly available tools to maintain access. Palo Alto Networks Unit 42 is tracking the activity under the moniker CL-CRI-1014, where “CL” refers toRead More »Cyber Criminals Exploit Open-Source Tools to Compromise Financial Institutions Across Africa
Citrix has released patches for a critical vulnerability in NetScaler ADC and NetScaler Gateway exploited as a zero-day. The post Critical Citrix NetScaler Flaw Exploited as Zero-Day appeared first on SecurityWeek.
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Wednesday added three security flaws, each impacting AMI MegaRAC, D-Link DIR-859 router, and Fortinet FortiOS, to its Known Exploited Vulnerabilities (KEV) catalog, based on evidence of active exploitation. The list of vulnerabilities is as follows – CVE-2024-54085 (CVSS score: 10.0) –Read More »CISA Adds 3 Flaws to KEV Catalog, Impacting AMI MegaRAC, D-Link, Fortinet
Popular messaging platform WhatsApp has added a new artificial intelligence (AI)-powered feature that leverages its in-house solution Meta AI to summarize unread messages in chats. The feature, called Message Summaries, is currently rolling out in the English language to users in the United States, with plans to bring it toRead More »WhatsApp Adds AI-Powered Message Summaries for Faster Chat Previews
New research has uncovered continued risk from a known security weakness in Microsoft’s Entra ID, potentially enabling malicious actors to achieve account takeovers in susceptible software-as-a-service (SaaS) applications. Identity security company Semperis, in an analysis of 104 SaaS applications, found nine of them to be vulnerable to Entra ID cross-tenantRead More »nOAuth Vulnerability Still Affects 9% of Microsoft Entra SaaS Apps Two Years After Discovery
Citrix has released security updates to address a critical flaw affecting NetScaler ADC that it said has been exploited in the wild. The vulnerability, tracked as CVE-2025-6543, carries a CVSS score of 9.2 out of a maximum of 10.0. It has been described as a case of memory overflow thatRead More »Citrix Releases Emergency Patches for Actively Exploited CVE-2025-6543 in NetScaler ADC
