Biztonsági szemle

A vulnerability in the popular Python-based tool for building AI agents and workflows is under active exploitation, allowing for full system compromise, DDoS attacks, and potential loss or theft of sensitive data

The collaboration positions Aviatrix within the Wiz Integration Network and brings together Wiz’s agentless risk visibility and Aviatrix’s real-time network enforcement.

FedScoop reports that the U.S. Department of Commerce's Bureau of Industry and Security was discovered by the department's Office of Inspector General to have subpar cybersecurity threat detection and response capabilities.

The U.S. Securities and Exchange Commission has withdrawn proposed Biden-era cybersecurity rules that would have mandated investment firms and advisors to establish cyber risk-addressing policies and disclose significant cyber incidents over the past...

Attackers could achieve escalated SYSTEM privileges on Windows machines through the exploitation of a high-severity ASUS Armoury Crate system management software vulnerability, tracked as CVE-2025-3464, BleepingComputer reports.

Updates have been issued by Tenable to address a trio of high-severity security issues impacting its Nessus vulnerability scanner for Windows, reports Infosecurity Magazine.

[This is a guest diary by Christopher Crowley, https://montance.com ]

TechCrunch reports that leading North American grocery wholesaler United Natural Foods, Inc., has disclosed significant progress in restoring its electronic ordering systems following a cyberattack nearly two weeks ago, which has led to food...

Though its operations are running smoothly, the airline warned customers and employees to exercise caution when sharing personal information online.

(c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.

CISA issued a handful of alerts to address vulnerabilities in 10 industrial control appliances.

GrayAlpha uses custom loaders to deploy the NetSupport RAT backdoor.