Biztonsági szemle

Developing strong incident response plans remains an area that requires significant improvement. Here are some shortcomings and how to address them.

SecurityWeek reports that fixes have been issued by Juniper Networks for dozens of security issues impacting its Junos OS and Junos OS Evolved offerings, as well as Junos Space third-party dependencies.

Ninety percent of 40 widely known genetic testing services firms, including 23andMe, Ancestry, and MyHeritage, had received a C grade at most for their cybersecurity efforts, indicating the pervasiveness of poor cybersecurity practices across the DNA...

Numerous state and local governments across the U.S. have disclosed disruptions stemming from separate cyber intrusions, reports The Record, a news site by cybersecurity firm Recorded Future.

Researchers characterize the company's artificial intelligence chatbot as less secure than ChatGPT and even DeepSeek.

Cybernews reports that South Korean multinational manufacturing and services conglomerate SK Group had over 1 TB of data allegedly compromised in an attack claimed by the Russia-linked Qilin ransomware-as-a-service group, also known as Agenda.

Attacks leveraging a recently patched high-severity authentication bypass vulnerability in the widely used OttoKit plugin for WordPress, tracked as CVE-2025-3102, were found by Patchstack to have occurred just four hours following its public...

Android remote access trojan SpyNote has been deployed through fraudulent Google Play websites on newly registered domains as part of a new attack campaign, reports Infosecurity Magazine.

Targeted cyberattacks were discovered by Darktrace researchers to have been obscured by threat actors through spam bombing attacks against email systems, according to SiliconAngle.

Atomic, Exodus wallets subjected to malicious npm package attack Attackers have been looking to compromise users of the Atomic and Exodus cryptocurrency wallets through the new "pdf-to-office" npm package spoofing a PDF to Microsoft Word document...

BleepingComputer reports that trojanized removable drives have been harnessed by the Russian state-sponsored threat operation Gamaredon, also known as Shuckworm, to distribute a new GammaSteel information-stealing malware variant in an attack...

Moroccan cybercrime operation Atlas Lion which sets its sights on major retailers, restaurants, and other gift card-giving organizations has been integrating their virtual machines into targeted entities' cloud domains via breached credentials to...