Articles tagged "Critical"

Found 909 articles

Actively Exploited

The Cybersecurity and Infrastructure Security Agency (CISA) has issued a directive for U.S. government agencies to patch a serious vulnerability in Ivanti Endpoint Manager Mobile (EPMM). This flaw has been exploited in attacks since January, making it a significant risk for federal systems. Agencies have only until Sunday to address this issue, underscoring the urgency to protect sensitive data from potential breaches. The vulnerability affects the Ivanti EPMM software, which is widely used for managing mobile devices. Failure to patch could leave these systems open to further exploitation by attackers, which could have serious implications for national security.

Read Original

A research collaboration between Access Now, Lookout, and SMEX has uncovered a troubling spyware campaign targeting journalists in the Middle East and North Africa. The campaign is believed to be linked to a group called Bitter, which is suspected of having connections to the Indian government. The spyware, identified as ProSpy, poses a significant risk to the privacy and safety of journalists in the region, as it can be used to monitor their communications and activities. This incident raises serious concerns about the increasing use of hack-for-hire services to silence critical voices and undermine press freedom. The implications of this spyware campaign extend beyond individual journalists, potentially affecting the broader landscape of media and freedom of expression in these areas.

Read Original

A critical vulnerability has been discovered in Ninja Forms, a popular WordPress plugin, with a severity rating of 9.8 out of 10. This flaw affects versions up to 3.3.26 and could allow attackers to execute remote code on affected sites. Users running this version of Ninja Forms are at significant risk, as the vulnerability could be exploited to gain unauthorized access or control over their websites. It's crucial for website administrators to address this issue promptly to prevent potential exploitation. Users should update to the latest version of the plugin to protect their sites from this serious threat.

Read Original

Signature Healthcare in Brockton, Massachusetts, experienced a cyberattack that severely disrupted its hospital operations, leading to the diversion of ambulances and the cancellation of some services. The attack particularly affected pharmacy operations, preventing staff from filling prescriptions, although urgent care and walk-in services continued to function. This incident highlights the vulnerabilities in healthcare systems, which are increasingly targeted by cybercriminals. The impact on patient care and access to medications raises significant concerns about the security measures in place at healthcare facilities. As more hospitals digitize their operations, the need for robust cybersecurity practices becomes more critical.

Read Original

Iranian hackers have targeted critical infrastructure in the United States by exploiting Internet-facing operational technology (OT) devices, specifically programmable logic controllers (PLCs). This breach has led to file and display manipulation, causing significant operational disruptions and financial losses across various sectors. The attackers have demonstrated their capability to disrupt essential services, raising concerns about the security of critical infrastructure in the U.S. Organizations relying on these systems need to review their security measures to prevent similar incidents in the future. The situation serves as a wake-up call for industries to prioritize the protection of their OT environments against external threats.

Read Original

Signature Healthcare, a Massachusetts hospital, is facing significant disruptions due to a cyberattack that has forced the facility to divert ambulances and cancel certain services. The attack has also impacted the hospital's pharmacies, rendering them unable to fill prescriptions for patients. This incident underscores the vulnerabilities that healthcare systems face from cyber threats, which can directly affect patient care and safety. As hospitals increasingly rely on digital systems, attacks like this can disrupt critical services and have severe implications for patient health. The situation is ongoing, and the hospital is likely working to restore normal operations while managing the fallout from the incident.

Read Original

Anthropic has launched Project Glasswing, an initiative aimed at using its Claude Mythos Preview AI to autonomously detect and fix previously undiscovered vulnerabilities in critical software. This project addresses a significant concern in cybersecurity, as many vulnerabilities remain unaddressed until they are exploited by attackers. By leveraging AI, Anthropic hopes to enhance the security of various software systems, potentially reducing the risk of breaches and attacks. This proactive approach could benefit organizations that rely on critical software, as it aims to minimize the window of exposure for undetected vulnerabilities. The implications of this technology could be far-reaching, as it addresses a growing need for automated security solutions in a rapidly evolving threat landscape.

Read Original

Anthropic has introduced Claude Mythos, a new AI model aimed at bolstering cybersecurity through a project called Glasswing. This initiative seeks to protect software from potential cyber threats before they can be exploited by malicious actors. The interest in Claude Mythos surged following a leak of nearly 3,000 internal files, raising concerns about the implications of AI in cybersecurity. While the technology promises to enhance protection against cyberattacks, it also poses risks as it could be used to improve the capabilities of attackers. This dual-use nature of AI in security underscores the need for careful consideration and regulation in its deployment.

Read Original
Critical
Python Supply-Chain Compromise

Schneier on Security

Actively Exploited

Researchers have discovered a malicious code injection in the Python Package Index (PyPI) through a compromised version of the litellm package, specifically version 1.82.8. This version includes a harmful .pth file that executes automatically when Python starts, without needing the litellm module to be imported. This means that any user who installs this package could unknowingly run the malicious code, posing a significant risk to their systems. The incident raises concerns about supply chain security in the Python ecosystem and underscores the need for better security measures, such as Software Bill of Materials (SBOMs) and verification systems. Users of Python and developers relying on this package should take immediate steps to secure their environments and avoid the compromised version.

Read Original

The Cybersecurity and Infrastructure Security Agency (CISA) has reported that Iranian-backed threat actors are targeting U.S. critical infrastructure firms through internet-facing operational technology (OT) assets. These attacks have resulted in significant disruptions and financial losses for these companies. While specific companies affected have not been disclosed, the potential risks to critical infrastructure highlight the growing concern over state-sponsored cyber threats. Organizations in the energy, water, and transportation sectors should be particularly vigilant and enhance their security measures to protect against such attacks. This incident emphasizes the need for robust cybersecurity practices in an increasingly interconnected world.

Read Original
Attackers exploit critical Flowise flaw CVE-2025-59528 for remote code execution

Security Affairs

Actively Exploited

A serious vulnerability in Flowise, identified as CVE-2025-59528, is currently being exploited by attackers to execute malicious code remotely. This flaw, which has a CVSS score of 10, arises from insufficient validation of user-supplied JavaScript, allowing unauthorized access to systems and file systems. Organizations using Flowise are at risk, as this vulnerability can lead to significant security breaches. The exploitation of such vulnerabilities can result in data theft, system compromise, and other malicious activities. It's essential for users and administrators to be aware of this issue and take appropriate action to protect their systems.

Read Original

Tech giants are collaborating on a new initiative called 'Project Glasswing' aimed at using artificial intelligence to spot critical software vulnerabilities before they can be exploited. This move comes as the tech industry faces increasing pressure to secure software against potential attacks that leverage AI capabilities. By identifying these vulnerabilities early, companies hope to bolster their defenses and stay ahead of attackers who are also using advanced technologies. This initiative is significant because it represents a proactive approach to cybersecurity, addressing the growing concerns about the effectiveness of traditional security measures in the face of evolving threats. The program's success could lead to more secure software across various platforms, ultimately benefiting users and organizations alike.

Read Original

U.S. government agencies have issued an urgent warning about Iranian hackers targeting American energy and water infrastructure. These cyberattacks are aimed at disrupting devices and systems that manage industrial processes. Reports indicate that these attacks have already caused damage to some victims over the past month, coinciding with increased tensions due to U.S.-Israel strikes against Iran. This situation raises concerns about the security of critical infrastructure, as such attacks could lead to significant disruptions in essential services like electricity and water supply. Officials are urging organizations in the energy and water sectors to bolster their defenses against these threats.

Read Original
Actively Exploited

A serious vulnerability has been discovered in Flowise that allows attackers to run arbitrary JavaScript code, which could lead to unauthorized access to a user's file system. This issue stems from improper validation of user-supplied code, making it a significant risk for users and organizations relying on Flowise. If exploited, attackers could manipulate data or install malicious software, raising concerns about data integrity and security. Users need to be aware of this vulnerability and take steps to secure their systems. Immediate action is necessary to prevent potential breaches and safeguard sensitive information.

Read Original

A new exploit known as GrafanaGhost has been discovered that can bypass AI guardrails, allowing attackers to exfiltrate sensitive data from Grafana instances. This vulnerability combines AI prompt injection techniques with URL flaws to access information that should be protected. Grafana, a widely used open-source platform for data visualization, is particularly vulnerable, and this breach could expose critical insights stored by companies using the software. The implications are serious, as organizations could face data leaks that might compromise their operations and customer trust. Users of Grafana are urged to review their security settings and monitor for any unusual access patterns to safeguard their data.

Read Original
PreviousPage 28 of 61Next