SAP Patch Day Highlights Critical Risks in Core Business Systems
New security disclosures address high-stakes vulnerabilities in NetWeaver and Commerce Cloud, demanding immediate enterprise action.
30 results for “security”
New security disclosures address high-stakes vulnerabilities in NetWeaver and Commerce Cloud, demanding immediate enterprise action.
A breach at a third-party IT vendor has exposed personal data of Lidl customers, forcing a security alert across multiple countries.
A deep dive into how an xAI coding tool silently moved entire repositories to cloud storage, bypassing standard privacy expectations.
A Telegram-based phishing service is lowering barriers to entry for M365 attacks by automating complex bypass and exfiltration workflows.
Compromised publishing credentials allowed attackers to inject malicious binaries into widely used Jscrambler NPM versions.
Traditional security frameworks are ill-equipped to handle the probabilistic, non-deterministic failures of modern AI models.
A 60-day review of the CMMC program aims to reduce compliance friction for small firms while maintaining core security standards.
Autonomous AI tools are accelerating breach lifecycles, forcing a pivot from human-speed defense to machine-speed mitigation strategies.
A swarm of 148 malicious npm packages exploited student browsers to fuel a sophisticated, dual-layered botnet operation.
Microsoft details how threat actors bypassed traditional defenses to compromise Salesforce environments via OAuth and guest access.
Federal authorities warn that Russian hackers are leveraging compromised SOHO routers to mask intrusions into critical infrastructure.
Federal authorities are hunting two state-linked cyber groups behind a persistent, large-scale campaign targeting Signal and WhatsApp.
A multinational security alert warns that outdated network management protocols and neglected hardware are fueling persistent cyberespionage.
Researchers reveal that automated vulnerability scanning tools from Anthropic and OpenAI can be tricked into executing malicious code.
Joint sanctions targeting military intelligence and private threat actors aim to disrupt an expansive Russian ecosystem of digital aggression.
A systemic vulnerability across major AI coding assistants highlights the dangerous failure of human-in-the-loop security protocols.
Microsoft has addressed the RoguePlanet vulnerability, ending a contentious saga with security researcher Nightmare Eclipse.
A popular header-editing tool was removed from major stores after researchers discovered a silent, encrypted exfiltration system.
While AI coding tools promise efficiency, hidden security overheads and remediation expenses are complicating the true return on investment.
Microsoft identifies a sophisticated new backdoor, GigaWiper, which stitches together existing malware to facilitate targeted data destruction.
Researchers have identified five unique prompt injection techniques that exploit how large language models process user inputs.
A leaked GitHub repository containing agency secrets has sparked a congressional investigation into CISA’s internal security posture.
Authorities seized 800 servers in a probe targeting individuals accused of facilitating cyberattacks through sanctioned networks.
Researchers have identified a new vector where cloud-hosted AI infrastructure is being hijacked for illicit cryptocurrency operations.
Enterprise users instructed to disable Storage Zone Controllers as an investigation into a potential external security breach unfolds.
A critical firmware certificate rollout has been paused for specific Windows 11 devices following reports of update failures.
A sophisticated new C++ information stealer leverages legitimate Apple developer IDs to bypass Gatekeeper and harvest user credentials.
Nihon Kotsu has taken critical systems offline following a security breach that disrupted dispatch and reservation capabilities.
A critical high-risk vulnerability in Chrome’s Intents feature has been patched, marking the fifth exploited zero-day of the year.
Check Point CTO Jonathan Zanger discusses how AI scales defense operations and complicates the enterprise threat landscape.