Articles tagged "Vulnerability"

Found 949 articles

Critical
Hackers Use Hidden Website Instructions in New Attacks on AI Assistants

Hackread – Cybersecurity News, Data Breaches, AI and More

Actively Exploited

Cybersecurity researchers at Forcepoint have discovered new indirect prompt injection attacks that exploit AI assistants, particularly targeting tools like GitHub Copilot. These attacks work by embedding hidden instructions within website code, which the AI assistants unknowingly execute. This poses a significant risk as it allows attackers to manipulate the AI's responses without direct interaction. Companies using these AI tools should be vigilant about the code they incorporate into their platforms, as these vulnerabilities could lead to unintended outputs or security breaches. The findings emphasize the need for better safeguards in AI systems to prevent such exploitation.

Read Original

A newly discovered vulnerability in Microsoft Defender has been exploited as a zero-day, allowing attackers to access the Security Account Manager (SAM) database. This flaw enables them to extract NTLM hashes, potentially granting them system-level privileges. This is particularly concerning as it affects a widely used security solution, which could put numerous systems at risk. Organizations using Microsoft Defender should be vigilant, as this exploitation may lead to unauthorized access to sensitive data and systems. The urgency of addressing this vulnerability cannot be overstated, given its potential impact on user security.

Read Original

The 2026 InsurSec Report from At-Bay reveals a significant increase in cyber insurance claims, with a 7% rise in frequency and an average claim severity reaching $221,000. Ransomware attacks are notably costly, with an average severity of $508,000, marking a 16% increase from the previous year. A key finding is that remote access services were the entry point for 87% of ransomware claims in 2025, indicating a major vulnerability for organizations. This rise in claims underscores the growing threat of cyber incidents, particularly ransomware, and highlights the need for businesses to strengthen their security measures. As cyber threats evolve, companies must prioritize securing remote access points to mitigate risks and potential financial losses.

Read Original

Agoda, a popular booking platform in Asia, has denied rumors of a significant data breach that allegedly compromised 82 million user records. This denial comes shortly after its parent company, Booking Holdings, reported a data breach affecting Booking.com, which exposed sensitive user reservation information. The claims about Agoda's breach were fueled by concerns over the recent vulnerability at Booking.com, raising alarms about the security of user data across these platforms. While Agoda insists that no such breach occurred, the situation highlights ongoing concerns over data security in the travel industry. Users should remain vigilant about their personal information, especially in light of recent incidents affecting major companies.

Read Original
Actively Exploited

A severe vulnerability in Apache ActiveMQ, identified as CVE-2026-34197, has put over 6,400 servers at risk of exploitation. This widely used open-source message broker is utilized globally, with 6,476 instances exposed to the internet. Attackers could potentially execute code remotely, which could lead to significant security breaches. Organizations using ActiveMQ should take immediate action to assess their systems and implement protective measures. The urgency of this situation highlights the need for timely updates and monitoring of server configurations to prevent unauthorized access.

Read Original
Actively Exploited

A new campaign linked to the Mirai malware is exploiting a serious command-injection vulnerability in D-Link DIR-823X routers, identified as CVE-2025-29635. This vulnerability allows attackers to take control of the routers and integrate them into a botnet. Users of these routers are at risk as their devices can be hijacked for malicious purposes, including launching distributed denial-of-service (DDoS) attacks. This situation is particularly concerning since the affected routers are at the end of their life cycle, meaning they are unlikely to receive security updates. It’s crucial for users to be aware of this exploit and take necessary precautions to secure their networks.

+1 more
Read Original

A recent report from Mozilla reveals that the Claude Mythos AI model has identified hundreds of bugs within the Firefox browser. While this discovery can enhance the security of Firefox by allowing developers to patch vulnerabilities, it also poses a risk by potentially lowering the barriers for attackers. With these bugs exposed, malicious actors could exploit them before they are addressed. This situation raises concerns about the balance between improving security through vulnerability detection and the risk of making it easier for attackers to find and exploit weaknesses. Users of Firefox should stay alert for updates and patches to ensure their browsing experience remains secure.

Read Original
Mirai Botnet exploits CVE-2025-29635 to target legacy D-Link routers

Security Affairs

Actively Exploited

The Mirai botnet is exploiting a newly discovered vulnerability in older D-Link routers, identified as CVE-2025-29635. This command injection flaw allows attackers to execute arbitrary commands through specially crafted POST requests. The vulnerability is particularly concerning because it affects discontinued models that many users may still have in operation. With the public disclosure of a proof-of-concept (PoC) exploit, the risk of widespread attacks increases, putting users who have not updated their devices at significant risk. It's crucial for affected users to take immediate action to secure their routers to prevent unauthorized access.

Read Original
Critical
Bluesky Back Online After DDoS Attack, as Iran-Linked 313 Team Takes Credit

Hackread – Cybersecurity News, Data Breaches, AI and More

Actively Exploited

Bluesky, a social media platform, experienced a significant disruption due to a DDoS attack that lasted approximately 24 hours. The attack was claimed by a group known as the 313 Team, which is linked to Iran. Fortunately, the company reported that no user data was compromised during the incident. This attack raises concerns about the vulnerability of online platforms to such disruptions, especially as geopolitical tensions can lead to cyberattacks targeting specific services. Users and organizations that rely on Bluesky for communication and engagement should remain vigilant about potential future attacks.

Read Original
Actively Exploited

The Mirai botnet is exploiting a command injection vulnerability found in certain discontinued D-Link routers. This issue emerged about a year after the vulnerability was publicly disclosed and proof-of-concept exploit code was released. Users of these routers are at risk, as the botnet can take control of the devices, potentially turning them into part of a larger network for launching attacks. The fact that these routers are no longer supported by D-Link means that affected users will not receive any official security updates or patches, leaving them vulnerable. It's crucial for individuals and organizations still using these routers to take immediate action to secure their networks, as the exploitation is ongoing.

Read Original

A recent analysis reveals that many organizations are struggling to effectively utilize Software Bill of Materials (SBOM) and Vulnerability Exploitability eXchange (VEX) data in their cybersecurity strategies. Researchers indicate that without a governance-driven intelligence layer, security teams are unable to convert this data into actionable security decisions. This gap has contributed to a rise in supply chain attacks, where malicious actors exploit vulnerabilities in software dependencies. The findings suggest that companies need to improve their data management and decision-making processes to better protect themselves against these types of threats. As supply chain vulnerabilities continue to pose risks, addressing this issue is becoming increasingly urgent for businesses relying on third-party software components.

Read Original

A serious security flaw has been identified in the Python-based sandbox environment known as Terrarium. This vulnerability, assigned the identifier CVE-2026-5752, has a CVSS score of 9.3, indicating its high severity. Attackers can exploit this flaw to execute arbitrary code with root privileges on the host machine by manipulating the JavaScript prototype chain. This issue is particularly concerning for developers and organizations using Terrarium, as it may allow unauthorized access to sensitive systems and data. Users of this sandbox environment should prioritize addressing this vulnerability to mitigate potential risks.

Read Original

A recent report indicates that approximately half of the 6 million internet-connected systems using the outdated File Transfer Protocol (FTP) are not secured with encryption. This lack of encryption makes these systems particularly vulnerable to cyberattacks, as attackers can easily intercept sensitive data during file transfers. The findings, reported by SecurityWeek, raise concerns for organizations relying on FTP for data transfer, as they may unwittingly expose critical information to cybercriminals. Given the prevalence of FTP usage, the implications of these security gaps could be widespread, impacting various industries. Companies should prioritize upgrading to more secure file transfer methods to protect their data from potential breaches.

Read Original

Forescout Technologies has discovered 20 security vulnerabilities in Sliex and Lantronix serial-to-IP converters, commonly used in sectors like healthcare and operational technology. These vulnerabilities can be exploited without any authentication, meaning attackers could potentially gain remote access to critical systems. This is a serious concern, as these converters play a vital role in enabling communication between devices. The exposure could lead to unauthorized control or data breaches, impacting patient care and industrial operations. Organizations relying on these devices need to take immediate action to protect their systems from potential attacks.

Read Original
Actively Exploited

The Cybersecurity and Infrastructure Security Agency (CISA) has issued an urgent warning regarding a vulnerability in the Catalyst SD-WAN Manager, which has been confirmed as actively exploited in attacks. U.S. government agencies have just four days to secure their systems against this threat. Attackers may be taking advantage of this flaw to gain unauthorized access or disrupt services. This situation emphasizes the need for agencies to promptly patch their systems to mitigate potential risks. Failure to address the vulnerability could lead to significant security breaches and data loss.

Read Original
PreviousPage 29 of 64Next