Articles tagged "Critical"

Found 896 articles

A data breach affecting nearly 197,000 Zara customers has been linked to a cyberattack on a former technology provider, ShinyHunters. The breach exposed sensitive customer information, including emails, purchase history, and support data. This incident raises concerns about the security measures in place at third-party vendors that companies rely on. Customers whose data was compromised may face increased risks of phishing attempts and identity theft. As major retailers like Zara continue to rely on external partners, ensuring robust security practices across their supply chain becomes increasingly critical.

Read Original

The Polish Security Agency has reported that hackers breached the industrial control systems (ICS) at five water treatment plants. These intrusions allowed attackers to modify the operational parameters of critical equipment, posing a direct threat to the safety of the public water supply. This situation raises serious concerns about the security of essential infrastructure and the potential for public health risks. Authorities are likely to investigate further to understand the extent of the breaches and to implement stronger security measures. The incident emphasizes the need for improved cybersecurity protocols in vital services that impact daily life.

Read Original

A recent report analyzing over 25 million security alerts from enterprise environments reveals a troubling trend: organizations are overlooking many low-severity threats. These findings indicate that defenders may be institutionalizing a practice of ignoring less critical alerts, which could leave them vulnerable to potential attacks. The dataset included 10 million monitored alerts, suggesting a significant gap in how companies assess and respond to security risks. This lack of attention to low-severity alerts could lead to missed opportunities for early threat detection and response. As organizations increasingly rely on automated systems for security monitoring, it’s crucial they maintain vigilance over all threat levels to protect their networks effectively.

Read Original

A 34-year-old man from Virginia has been convicted for conspiring to erase numerous federal databases after being fired from his position as a government contractor. Prosecutors stated that the individual intentionally destroyed data from at least 33 databases, which were critical to various federal agencies. This act of sabotage not only endangered government operations but also posed significant risks to data integrity and availability. The incident raises concerns about insider threats within federal agencies and the potential for disgruntled employees to compromise sensitive information. Sentencing is expected to take place in the coming months, underlining the serious legal repercussions for such actions.

Read Original
CVE-2025-68670: discovering an RCE vulnerability in xrdp

Securelist

Researchers conducting a security assessment of Kaspersky USB Redirector discovered a critical remote code execution (RCE) vulnerability in the xrdp server component, identified as CVE-2025-68670. This vulnerability allows attackers to execute arbitrary code on affected systems before authentication, which poses a significant risk. Fortunately, project maintainers acted quickly to patch the vulnerability, reducing the potential for exploitation. Users of xrdp should ensure they apply the latest updates to protect their systems. This incident underscores the importance of regular security assessments and timely patch management to defend against emerging threats.

Read Original

Researchers at Dragos have reported that commercial AI models, specifically from OpenAI and Anthropic, were used to plan and execute a cyber-attack on a water and drainage facility's operational technology. This incident raises significant concerns about the potential misuse of advanced AI tools in targeting critical infrastructure. The attackers were able to leverage AI to enhance their tactics, which poses a serious risk to essential services that rely on such technology for safe operations. As AI becomes more integrated into various sectors, there is an urgent need for companies to assess their cybersecurity measures and prepare for potential AI-driven threats. The implications of this attack could affect not only the targeted facility but also set a precedent for similar attacks against other critical infrastructure systems.

Read Original
Critical
Why Outdated Maintenance Software Is a Growing Ransomware Risk

Hackread – Cybersecurity News, Data Breaches, AI and More

Actively Exploited

Outdated maintenance software poses a significant risk for ransomware attacks by leaving systems vulnerable due to weak access controls and unpatched security flaws. As companies rely on these outdated systems, they expose critical operational data to potential attackers. This situation is particularly concerning for industries that depend on robust maintenance and operational integrity, as breaches could lead to severe disruptions and financial losses. Organizations are urged to regularly update their software and strengthen their cybersecurity measures to protect against these threats. Ignoring these vulnerabilities could have dire consequences for both the companies and their clients.

Read Original

A recent report from Dragos reveals a concerning incident where hackers used Claude AI to target operational technology (OT) assets in a water and drainage utility in Mexico. The attackers leveraged the AI to identify and gain access to critical systems, raising alarms about the intersection of advanced technology and cyber threats. This incident highlights the vulnerabilities within essential infrastructure services, which can have serious implications for public safety and water management. As utility companies increasingly adopt technology, they must remain vigilant against such sophisticated attacks that can jeopardize their operations and the communities they serve.

Read Original

A 23-year-old student in Taiwan caused significant disruption to the high-speed rail system by spoofing signals and triggering an emergency alarm, halting four trains for nearly an hour during a busy holiday period. This incident occurred on the Qingming Festival, a time when many people travel, leading to chaos and delays for thousands of passengers. Experts are concerned about the security vulnerabilities in the rail system, which is a critical part of Taiwan's infrastructure. This event raises serious questions about the safety measures in place to protect against such tampering and the potential for more sophisticated attacks in the future. The incident serves as a reminder of the importance of cybersecurity in public transportation systems and the need for robust protective measures.

Read Original
Actively Exploited

A serious vulnerability in the vm2 library, widely used for sandboxing in Node.js applications, has been discovered. This flaw allows attackers to escape the sandbox environment and execute arbitrary code on the host system, posing a significant risk to applications relying on vm2 for security. Developers and organizations using this library need to take immediate action to safeguard their systems, as this vulnerability could lead to severe breaches. The issue affects multiple versions of vm2, making it critical for users to update their systems promptly. Failure to address this vulnerability could leave systems exposed to potential attacks.

Read Original

A recent report from the Department of Homeland Security's inspector general reveals significant security issues with mobile applications used by the agency's intelligence office. Out of 650 apps assessed, over 75% were found to either pose security risks or were banned altogether. This raises serious concerns about the data protection measures in place for mobile devices that handle sensitive information. The presence of these risky apps could potentially expose critical national security data to unauthorized access or cyberattacks. The findings suggest a need for immediate review and improvement of mobile device security protocols within the DHS.

Read Original

CISA has launched the CI Fortify initiative, urging critical infrastructure operators to develop plans to stay operational in the event of a cyber-attack. This initiative is designed to help these operators create systems for isolating affected areas and recovering from attacks quickly. The focus is on ensuring that essential services, such as power, water, and transportation, remain functional even when targeted by cyber threats. The call to action comes as cyber threats continue to evolve, making it crucial for these operators to have effective response strategies in place. CISA emphasizes that preparation can significantly mitigate the impact of potential attacks on public safety and national security.

Read Original

Apache has released updates to address multiple vulnerabilities in its HTTP Server, including a serious flaw identified as CVE-2026-23918. This vulnerability, which has a CVSS score of 8.8, is a double-free error in the handling of HTTP/2 requests. If exploited, it could allow attackers to execute arbitrary code on affected systems. Organizations using Apache HTTP Server, particularly those enabling HTTP/2, should prioritize updating their software to mitigate this risk. The nature of the flaw makes it critical for system administrators to be proactive in applying the latest patches to safeguard against potential attacks.

Read Original

The Cybersecurity and Infrastructure Security Agency (CISA) has released guidance aimed at helping operators of critical infrastructure bolster their defenses against potential cyberattacks from foreign adversaries. This guidance stresses the importance of mastering isolation and recovery strategies to mitigate damage from attacks. Given the rising number of cyber threats targeting vital systems, this advice is particularly relevant for sectors like energy, transportation, and public health. By implementing these practices, organizations can better prepare for incidents, ensuring that they can maintain operations and recover swiftly after an attack. This proactive approach is essential for safeguarding national security and economic stability.

Read Original

Palo Alto Networks has issued a warning regarding a serious, unpatched vulnerability in the User-ID Authentication Portal of its PAN-OS. This flaw, categorized as a remote code execution (RCE) vulnerability, is currently being exploited in real-world attacks, putting users at significant risk. Organizations using affected versions of PAN-OS should be particularly vigilant as attackers may leverage this weakness to gain unauthorized access to systems. It's crucial for companies to assess their firewall configurations and implement necessary security measures to protect against potential breaches. The situation underscores the need for prompt action in addressing vulnerabilities as they arise.

Read Original
PreviousPage 17 of 60Next