Biztonsági szemle
2025. Júl. 3.
Biztonsági szemle
Cisco patches critical 10.0 bug in Unified CM systems
A successful exploit could let an attacker log-in as the root user.
2025. Júl. 3.
Biztonsági szemle
Defending the prompt: How to secure AI against injection attacks
You can’t patch prompt injection, but you can outsmart it. OWASP’s latest guidance lays out a layered defense strategy for building safer, more resilient GenAI applications.
2025. Júl. 3.
Biztonsági szemle
NHS 10-Year Plan: Digital Transformation at the Heart of a Modern Health Service
The UK Government’s newly unveiled NHS 10-Year Plan is a bold and timely vision for the future of healthcare. Centred around three major “shifts”—from sickness to prevention, from hospital-centric to … Read more on Cisco Blogs
2025. Júl. 3.
Biztonsági szemle
New Cyber Blueprint Aims to Guide Organizations on AI Journey
Deloitte's new blueprint looks to bridge the gap between the massive push for AI adoption and a lack of preparedness among leaders and employees.
2025. Júl. 3.
Biztonsági szemle
Dark Web Vendors Shift to Third Parties, Supply Chains
As attacks on software supply chains and third parties increase, more data on critical software and infrastructure services is being advertised and sold on the Dark Web.
2025. Júl. 3.
Biztonsági szemle
Criminals Sending QR Codes in Phishing, Malware Campaigns
The Anti-Phishing Working Group observed how attackers are increasingly abusing QR codes to conduct phishing attacks or to trick users into downloading malware.
2025. Júl. 3.
Biztonsági szemle
IDE Extensions Pose Hidden Risks to Software Supply Chain
Malicious extensions can be engineered to bypass verification checks for popular integrated development environments, according to research from OX Security.
2025. Júl. 3.
Biztonsági szemle
Former ransomware negotiator under US probe
Such investigation has been confirmed by DigitalMint, which promptly moved to terminate the employee following the accusations but has not provided details regarding the suspect's arrest.
2025. Júl. 3.
Biztonsági szemle
Attackers Impersonate Top Brands in Callback Phishing
Microsoft, PayPal, Docusign, and others are among the trusted brands threat actors use in socially engineered scams that try to get victims to call adversary-controlled phone numbers.
2025. Júl. 3.
Biztonsági szemle
Widespread WordPress site takeover possible with plugin flaw
Threat actors could leverage the flaw — which stems from inadequate value sanitization conducted by the Forminator plugin's function for saving form entry fields to the database — to remove specific arbitrary files on the server upon the removal of a...
2025. Júl. 3.
Biztonsági szemle
CISA: Attacks exploiting TeleMessage bugs ongoing
More severe of the vulnerabilities is the TM SGNL Spring Boot Actuator misconfiguration bug, tracked as CVE-2025-48927, which could be abused for memory dump downloads, while the other flaw, tracked as CVE-2025-48928, could be exploited to reveal...
2025. Júl. 3.
Biztonsági szemle
Maximum severity Cisco Unified CM vulnerability resolved
Affected by the vulnerability, which stems from the availability of static user credentials for root accounts during development, were Cisco Unified CM and Unified CM SME Engineering Special releases 15.0.1.13010-1 to 15.0.1.13017-1.