Magánszemélyeknek

The Federal Communications Commission has moved to prohibit testing of electronic devices for sale in the U.S. by Chinese labs controlled or directed by firms on its "Covered List", with electronics for import to the U.S. being required to undergo the agency's equipment authorization process, reports Reuters.

Increasing concerns regarding the potentially significant impact of vulnerable artificial intelligence models on critical infrastructure have led the FBI, Cybersecurity and Infrastructure Security Agency, National Security Agency, and cybersecurity agencies in Australia, New Zealand, and the UK to establish joint guidance seeking improved protections for AI training data and infrastructure, according to Cybersecurity Dive.

Mounting cybersecurity threats against U.S. critical infrastructure, compounded by conflicting rules, have prompted Sens. Gary Peters, D-Mich., and James Lankford, R-Okla., to reintroduce the Streamlining Federal Cybersecurity Regulations Act, which was previously rejected by Senate Homeland Security and Governmental Affairs Committee head Rand Paul, R-Ky., CyberScoop reports.

Active Directory users could be compromised with the new BadSuccessor attack technique, which involves the exploitation of a privilege escalation vulnerability within Windows Server 2025's delegated Managed Service Account feature that was made to allow legacy service account migrations while preventing Kerberoasting intrusions, reports The Hacker News.

Versa Networks' centralized management and orchestration platform Versa Concerto has been impacted by a trio of serious vulnerabilities, which could be leveraged for authentication evasion and arbitrary code execution, according to BleepingComputer.

SecurityWeek reports that nearly 150,000 internet-exposed industrial control system devices worldwide could be compromised in cyberattacks, with the rate of online devices used as honeypots increasing from almost 15% in April 2024 to 25% in January 2025.

Three zero-days could have allowed an attacker to completely compromise the Concerto application and the host system running it.

More than 184 million account credentials likely obtained via information-stealing malware attacks have been exposed by an unsecured database potentially owned by malicious actors, Cybernews reports.

Decentralized cryptocurrency exchange Cetus had nearly $223 million pilfered following an attack on Thursday, according to The Record, a news site by cybersecurity firm Recorded Future.

Hackread reports that Coca-Cola and bottling partner Coca-Cola Europacific Partners were purportedly compromised by the Everest ransomware operation and Gehenna hacking group, respectively, in separate intrusions.