Biztonsági szemle

Organizations across Russia have been subjected to four times more phishing intrusions with the PureRAT information-stealing malware during the first four months of 2025, compared with the same period last year, reports The Hacker News.

Security Affairs reports that leading U.S. cryptocurrency exchange Coinbase had data from 69,461 individuals confirmed to be compromised following a cyberattack, which was previously disclosed to have involved bribes to its overseas customer service...

Despite adding alignment training, guardrails, and filters, large language models continue to give up secrets, make unfiltered statements, and provide dangerous information.

Get ready to explore the future of innovation and collaboration at Cisco Live 2025! From June 8-12 in San Diego—or virtually from anywhere—this premier event brings together thought leaders and for… Read more on Cisco Blogs

More than 100 Chrome browser extensions masquerading as legitimate tools, including YouTube, Fortinet VPN, Calendly, and DeepSeek AI, have been utilized to enable browser data compromise and remote script execution as part of a new attack campaign...

View CSAF 1. EXECUTIVE SUMMARY CVSS v4 6.9 ATTENTION: Low attack complexity Vendor: Lantronix Equipment: Device Installer Vulnerability: Improper Restriction of XML External Entity Reference 2. RISK EVALUATION Successful exploitation of this...

View CSAF 1. EXECUTIVE SUMMARY CVSS v4 9.3 ATTENTION: Exploitable remotely/low attack complexity Vendor: Rockwell Automation Equipment: 95057C-FTHTWXCT11 Vulnerability: Improper Restriction of XML External Entity Reference 2. RISK EVALUATION...

CISA has added one new vulnerability to its  Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. CVE-2025-4632 Samsung MagicINFO 9 Server Path Traversal Vulnerability These types of vulnerabilities are frequent attack...

Commvault is monitoring cyber threat activity targeting their applications hosted in their Microsoft Azure cloud environment. Threat actors may have accessed client secrets for Commvault’s (Metallic) Microsoft 365 (M365) backup software-as-a-service...

CISA released two Industrial Control Systems (ICS) advisories on May 22, 2025. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. ICSA-25-142-01 Lantronix Device Installer ICSA-25...

Today, CISA, the National Security Agency, the Federal Bureau of Investigation, and international partners released a joint Cybersecurity Information Sheet on AI Data Security: Best Practices for Securing Data Used to Train & Operate AI Systems. This...

Prompt injection risks in GitLab's AI assistant could have allowed attackers to steal source code, or indirectly deliver developers malware, dirty links, and more.