Articles tagged "Critical"

Found 888 articles

Cal Water, a utility in California, recently investigated a cyberattack attributed to the Iranian hacker group Handala. Despite the hackers claiming they could disrupt the water supply, Mandiant, the cybersecurity firm assisting in the investigation, found no evidence of any operational technology (OT) activity being compromised. This incident raises concerns about the security of critical infrastructure, especially given the attackers' bold claims. While the immediate threat appears to be contained, it serves as a reminder for utilities and other essential services to remain vigilant against potential cyber threats. Ensuring the integrity of water supplies is crucial for public safety and trust.

Read Original

On June 22, 2026, the NSA, along with its Five Eyes partners, issued a critical warning about the rapidly evolving nature of cyber threats. They noted that the timeline for potential cyberattacks has significantly shortened, going from years to just months. This shift poses a serious risk to national security and the integrity of critical infrastructure. The agencies emphasized the need for organizations to enhance their cybersecurity measures and preparedness to counter these fast-evolving threats. As cybercriminals become more sophisticated, timely detection and response will be essential for all sectors, especially government and private industries.

Read Original

A recently discovered flaw in macOS allows standard users to disable Endpoint Detection and Response (EDR) and Mobile Device Management (MDM) features, which are critical for maintaining device security and management. This vulnerability could be exploited by malicious actors to weaken security controls, making it easier for them to execute attacks or gain unauthorized access to sensitive data. All macOS versions that support EDR and MDM functionalities are affected. Organizations using these features should be particularly vigilant, as the ability for unauthorized users to disable such protections can lead to significant security risks. As of now, there is no indication that this vulnerability is being actively exploited in the wild, but the potential for misuse remains a concern for IT departments.

Read Original

A new report from Black Kite reveals a significant spike in ransomware attacks across Europe, with incidents rising by more than 50% over the past year. The analysis also highlights a troubling increase in supply chain attacks, which can compromise multiple organizations through a single vulnerability. This surge in ransomware poses a serious risk to businesses, governments, and critical infrastructure, leading to potential data loss and financial damage. Companies need to be vigilant and strengthen their cybersecurity measures to protect against these escalating threats. The findings serve as a stark reminder of the ongoing challenges in cybersecurity and the need for proactive defenses.

Read Original
Actively Exploited

Ransomware groups are increasingly targeting organizations in Europe, marking a shift in their focus after a period of decreased activity. This trend poses significant risks to EU businesses and their suppliers, as attackers exploit vulnerabilities to gain access to sensitive data and demand ransoms. The rise in attacks could disrupt operations and compromise the security of critical services across the region. Companies in Europe need to bolster their cybersecurity measures to defend against these evolving threats. The situation highlights the need for ongoing vigilance in protecting against ransomware, especially as attackers find new opportunities in lucrative markets like the EU.

Read Original

Entrust has launched a new biometric authentication solution designed to enhance security during high-risk transactions such as account recovery and large purchases. As cybercriminals increasingly target these vulnerable moments, traditional authentication methods are proving inadequate. The new system aims to confirm the identity of users more effectively, reducing the risk of account takeovers. By focusing on verifying the individual behind a transaction rather than just granting access, Entrust hopes to strike a balance between security and user experience. This advancement is crucial for organizations looking to prevent fraud while maintaining a seamless process for their customers.

Read Original

The National Institute of Standards and Technology (NIST) has opened up its updated guidance on Internet of Things (IoT) security for public review. This guidance is designed to set cybersecurity standards for IoT devices used in federal agencies' networks. By establishing clear product requirements, NIST aims to enhance the security posture of these devices, which are increasingly integrated into critical government operations. The public review period allows stakeholders, including industry experts and the general public, to provide input on the proposed guidelines. This initiative is significant as it addresses growing concerns over the vulnerabilities associated with IoT devices, which can be entry points for cyberattacks.

Read Original
Cisco Catalyst SD-WAN Zero-Day CVE-2026-20245 Exploited to Gain Root Access

The Hacker News

Actively Exploited

A recently discovered vulnerability in Cisco Catalyst SD-WAN has been exploited by an unknown attacker for at least two months before its public disclosure. This security flaw, identified as CVE-2026-20245, has a high severity rating of 7.8 and allows an authenticated local attacker to execute arbitrary commands with elevated privileges. This means that if an attacker gains access to a system, they could potentially take control of critical functions within the network. Companies using Cisco Catalyst SD-WAN should be aware of the risk posed by this vulnerability and take immediate action to protect their systems. The findings from Mandiant underscore the importance of timely patching and monitoring for unusual activity in network environments.

Read Original

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has issued a warning regarding a serious vulnerability affecting Lantronix EDS5000 Series devices. This flaw, identified as CVE-2025-67038, has a high severity score of 9.8 and involves a code injection issue that could allow attackers to execute malicious code. CISA is urging Federal Civilian Executive Branch agencies to implement available fixes before the deadline of June 26, 2026. The active exploitation of this vulnerability raises concerns about potential unauthorized access and control over affected devices, which could lead to significant security breaches. Organizations using these devices should prioritize applying security updates to mitigate risks.

Read Original
Critical
New GhostShell Hacking Group Targets Ukraine’s Drone Defense Sector

Hackread – Cybersecurity News, Data Breaches, AI and More

Actively Exploited

The hacking group GhostShell is targeting Ukraine's drone defense sector by using fake documents related to drones to deceive defense teams. Researchers have identified that this cyber campaign is aimed at stealing passwords and sensitive information from these teams. The implications of this attack are significant, as it not only compromises the security of critical defense systems but also highlights the ongoing risks faced by Ukraine amid its conflict. The attackers' tactics demonstrate a sophisticated approach to infiltrating sensitive areas, raising concerns for national security. As the situation evolves, it's crucial for defense organizations to remain vigilant and enhance their cybersecurity measures.

Read Original

Service desks are increasingly targeted by attackers who use social engineering tactics to gain access to sensitive corporate accounts. These attackers often request password resets or multi-factor authentication changes, exploiting the trust that service desk staff typically have in callers. Researchers at Specops Software explain how these attacks are executed and emphasize the need for stronger security measures. Organizations are urged to implement rigorous verification processes to protect against these manipulative tactics. This is crucial because successful attacks can lead to significant data breaches and unauthorized access to critical systems.

Read Original

Recent vulnerabilities discovered in Ubiquiti products pose significant risks as they allow remote attackers to access systems without authentication. These flaws enable unauthorized changes to be made to the system, access to underlying accounts, and the injection of malicious commands. This could lead to serious security breaches for users, particularly affecting those who rely on Ubiquiti for their networking equipment. Organizations using these products need to act quickly to safeguard their systems and data. Given the nature of these vulnerabilities, it is crucial for users to stay informed and apply any necessary updates or patches to mitigate the risks.

Read Original

The article discusses the importance of context in AI systems, particularly in agentic AI, which makes decisions autonomously. Without the right context, these systems can make poor decisions at high speeds, leading to potential security risks. This issue is crucial for organizations using AI for critical operations, as incorrect decisions could have serious consequences. The piece emphasizes the need for developers and companies to ensure their AI systems are trained with accurate and comprehensive context to mitigate these risks. As AI continues to be integrated into various sectors, understanding and addressing these contextual challenges is vital for maintaining security and reliability.

Read Original

The article discusses the ongoing challenges that open-source security poses to governments, particularly in the U.S. It highlights how the vast number of open-source software projects creates numerous potential targets for attackers. Companies are reportedly not doing enough to secure their products, which adds to the problem. Additionally, the influence of artificial intelligence is changing the dynamics of these security challenges, making it harder for governments to keep up. The situation is concerning as it raises questions about the safety of critical systems that rely on open-source components.

Read Original

A serious security flaw has been discovered in Cisco Unified Communications Manager (Unified CM) and its Session Management Edition (Unified CM SME). The vulnerability, identified as CVE-2026-20230, has a CVSS score of 8.6, indicating its severity. It involves improper input validation for specific HTTP requests, which could allow attackers to execute commands remotely without authentication. This means that unauthorized individuals could potentially gain root access to affected systems. Companies using these Cisco products need to act quickly to protect their networks, as the flaw is already being exploited in the wild.

Read Original
PreviousPage 9 of 60Next