Maze Banks $25M to Tackle Cloud Security with AI Agents

Maze and its investors are betting on finding profits in software that uses AI-powered agents to automate critical parts of the process.

The post Maze Banks $25M to Tackle Cloud Security with AI Agents appeared first on SecurityWeek.

SecurityWeek – Read More

Install this Windows patch ASAP before bootkit malware takes over your PC – here’s how

The flaw is able to skirt past your usual security protection and evade detection, but Microsoft has a patch.

Latest stories for ZDNET in Security – Read More

Operation Secure: INTERPOL Disrupts 20,000 Infostealer Domains, 32 Arrested

INTERPOL disrupts 20,000 infostealer domains in major cybercrime crackdown across Asia-Pacific, 32 arrested, 216K victims notified in Operation Secure.

Hackread – Latest Cybersecurity, Hacking News, Tech, AI & Crypto – Read More

Webinar Today: Rethinking Endpoint Hardening for Today’s Attack Landscape

Learn how attackers hide in plain sight—and what you can do to stop them without slowing down your business.

The post Webinar Today: Rethinking Endpoint Hardening for Today’s Attack Landscape appeared first on SecurityWeek.

SecurityWeek – Read More

catdoc zero-day, NVIDIA, High-Logic FontCreator and Parallel vulnerabilities

Cisco Talos’ Vulnerability Discovery & Research team recently disclosed three zero-day vulnerabilities in catdoc, as well as vulnerabilities in Parallels Desktop, NVIDIA cuobjdump and High-Logic FontCreator 15.

The vulnerabilities mentioned in this blog post have been patched by their respective vendors, in adherence to Cisco’s third-party vulnerability disclosure policy, except in the case of the catdoc zero-day vulnerabilities, which were patched by our researcher (patches found in this repository). This is an unusual case, because the vendor could not be reached to fix these high-risk bugs; our policy does not include fixing third-party vulnerabilities. 

For Snort coverage that can detect the exploitation of these vulnerabilities, download the latest rule sets from Snort.org, and our latest Vulnerability Advisories are always posted on Talos Intelligence’s website.      

catdoc zero-day vulnerabilities 

Discovered by Ali Rizvi-Santiago of Cisco Talos.    

catdoc (and its companion tool xls2csv) pulls plain-text content out of Microsoft Word, Excel, PowerPoint and Rich Text Format files. Because the vendor was unreachable, Talos published fixes itself, and Debian will be merging those patches into its packages: https://github.com/Cisco-Talos/catdoc-talos-fixes/releases/tag/talos-fixes.2025-05

TALOS-2024-2128 (CVE-2024-48877) is a memory corruption vulnerability in the Shared String Table Record Parser implementation in xls2csv utility version 0.95. A specially crafted malformed file can lead to a heap buffer overflow. An attacker can provide a malicious file to trigger this vulnerability. 

TALOS-2024-2131 (CVE-2024-52035) is an integer overflow vulnerability in the OLE Document File Allocation Table (FAT) Parser functionality of catdoc 0.95, and TALOS-2024-2132 (CVE-2024-54028) is an integer underflow vulnerability in the OLE Document DIFAT Parser functionality. For either vulnerability, a specially crafted malformed file can lead to heap-based memory corruption, and an attacker can provide a malicious file as the trigger.

Parallels directory traversal and privilege escalation vulnerabilities

Discovered by KPC of Cisco Talos.    

Parallels Desktop is virtualization software for Mac computers that runs Windows and other guest operating systems, and their applications, in virtual machines.

TALOS-2025-2160 (CVE-2025-31359) is a directory traversal vulnerability in the PVMP package unpacking functionality of Parallels Desktop for Mac version 20.2.2 (55879). An attacker can exploit it to write to arbitrary files, potentially leading to privilege escalation.

There are also three privilege escalation vulnerabilities in the virtual machine archive restoration and snapshot handling functionality of Parallels Desktop for Mac version 20.1.1 (55740). All three follow the same pattern: a root-privileged component operates on files in a location a normal user controls, and a hard link or symlink placed there redirects the privileged write or ownership change to a file of the attacker's choosing.

  • TALOS-2024-2126 (CVE-2024-36486): When an archived virtual machine is restored, the prl_vmarchiver tool decompresses the file and writes the content back to its original location using root privileges. An attacker can exploit this process by using a hard link to write to an arbitrary file, potentially resulting in privilege escalation.
  • TALOS-2024-2124 (CVE-2024-54189): When a snapshot of a virtual machine is taken, a root service writes to a file owned by a normal user. By using a hard link, an attacker can write to an arbitrary file, potentially leading to privilege escalation.
  • TALOS-2024-2123 (CVE-2024-52561): When a snapshot of a virtual machine is deleted, a root service verifies and modifies the ownership of the snapshot files. By using a symlink, an attacker can change the ownership of files owned by root to a lower-privilege user, potentially leading to privilege escalation.

NVIDIA integer overflow vulnerability  

Discovered by Dimitrios Tatsis of Cisco Talos.    

NVIDIA cuobjdump is a command-line utility included in the NVIDIA CUDA Toolkit. Similar to the standard `objdump` utility, it parses CUDA executable files and displays information like PTX disassembly, section headers, relocations etc. 

TALOS-2025-2151 (CVE-2025-23247) is an integer overflow in the ELF Section Parsing functionality of NVIDIA cuobjdump 12.8.55. A specially crafted fatbin file can lead to an out-of-bounds write. An attacker can provide a malicious file to trigger this vulnerability. 

High-Logic out-of-bounds read vulnerability  

Discovered by KPC of Cisco Talos.    

High-Logic FontCreator is a font editor for Windows & macOS. The program allows you to create, edit and export OpenType, TrueType and responsive variable fonts. 

An out-of-bounds read vulnerability, TALOS-2025-2157 (CVE-2025-20001), exists in High-Logic FontCreator 15.0.0.3015. A specially crafted font file can trigger this vulnerability which can lead to disclosure of sensitive information. An attacker needs to trick the user into opening the malicious file to trigger this vulnerability. 

Cisco Talos Blog – Read More

Fortinet, Ivanti Patch High-Severity Vulnerabilities

Patches released by Fortinet and Ivanti resolve over a dozen vulnerabilities, including high-severity flaws leading to code execution, credential leaks.

The post Fortinet, Ivanti Patch High-Severity Vulnerabilities appeared first on SecurityWeek.

SecurityWeek – Read More

Outset raises $17M to replace human interviewers with AI agents for enterprise research

Outset raises $17M Series A to scale its AI-moderated research platform, used by Nestlé, Microsoft and WeightWatchers, which the company says is 8x faster and 81% cheaper than traditional market research.

Security News | VentureBeat – Read More

Mirai Botnets Exploit Flaw in Wazuh Security Platform

The two campaigns are good examples of the ever-shrinking time-to-exploit timelines that botnet operators have adopted for newly published CVEs.

darkreading – Read More

Integrate Threat Intelligence Feeds via TAXII Protocol 

ANY.RUN’s Threat Intelligence Feeds (TI Feeds) provide security teams with exclusive intel on threats targeting 15,000 companies worldwide. With TAXII protocol, you can safely and easily reinforce your company’s proactive detection with TI Feeds.  

Why Use TAXII for TI Feeds? 

TAXII (Trusted Automated eXchange of Indicator Information) is an OASIS standard application-layer protocol for exchanging cyber threat intelligence over HTTPS; it is the transport normally paired with STIX-formatted data. It is widely supported by SIEM, TIP and firewall vendors, which is what makes it a convenient way to pull threat intelligence feeds into existing tooling.

TI Feeds are available for integration with the support of TAXII protocol. With this combo, you’ll achieve: 

  • Secure and Standardized Data Exchange: TAXII provides a secure framework for transferring threat intelligence.  
  • Customizable Data Delivery: TAXII allows you to tailor the data you receive, whether it’s all available IOCs or specific types such as IPs, URLs, or domains.


How ANY.RUN’s TI Feeds Strengthen Businesses’ Proactive Security 

TI Feeds empower your SOC with actionable intelligence to proactively monitor and prevent threats, mitigating breach risks and associated costs.  

With ANY.RUN, MSSP companies get to stand out among competitors by enriching their infrastructure with data on real threats targeting companies across industries. 

Integrate TI Feeds into your system for an easy access to all of their perks: 

  • Detect Threats Early: Access high-quality indicators from threat investigations across 15,000 organizations worldwide to proactively identify and prevent threats from compromising your systems. 
  • Minimize False Positives: The feeds are pre-processed to ensure indicators are reliable and false positive rate is near-zero. 
  • Accelerate Response through Automation: Automatically block malicious IPs, flag related logs, or trigger playbooks based on TI Feeds’ data to reduce manual workload and enable faster reactions.  
  • Gain Better Attack Visibility: Our indicators of compromise come with extensive metadata, as well as links to related sandbox sessions for further analysis. 
  • Simplify Setup: In addition to TAXII protocol support, we offer an API and SDK that deliver ANY.RUN’s feeds in a structured, easy-to-use format, either STIX or MISP.

TI Feeds & TAXII: How It Works 

Integration through the TAXII protocol is available to all users with paid plans. You can set up TI Feeds as a TAXII source in your own system, be that a SIEM, TIP, EDR/XDR, NGFW, or other Security Operations solution.

Once connected to ANY.RUN’s TAXII server, your system periodically polls it and receives fresh threat intelligence. You can see what the feeds look like by downloading a sample in STIX or MISP format.
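As an added example, not ANY.RUN’s code (none is on the page), here is a minimal TAXII 2.1 client in Python that performs the three steps the protocol defines: discovery of API roots, listing collections, and paged polling of a collection’s objects using `added_after` and the `more`/`next` envelope fields. It then converts STIX indicator patterns into a blocklist and reports which indicators it could not safely convert (revoked ones are dropped, compound patterns are skipped rather than guessed at). The server URL, the bearer-token header, and the sample STIX objects served by the in-memory transport are assumptions constructed for the example; the real ANY.RUN endpoint, authentication scheme and collection names are not given on the page.

```python
"""Minimal TAXII 2.1 poller that turns STIX indicators into a blocklist (added example)."""
import json
import re
import urllib.request
from typing import Callable, Dict, Iterator, List, Optional

TAXII_MEDIA_TYPE = "application/taxii+json;version=2.1"  # required Accept header in TAXII 2.1
DEFAULT_BASE = "https://taxii.example.invalid"  # assumption: placeholder, not ANY.RUN's real URL

# Only single-comparison patterns on these observables become blocklist entries;
# anything else (compound patterns, file hashes, ...) is reported as skipped.
_PATTERN_RE = re.compile(r"\[(ipv4-addr:value|domain-name:value|url:value)\s*=\s*'([^']+)'\]")
_CATEGORY = {"ipv4-addr:value": "ipv4", "domain-name:value": "domain", "url:value": "url"}


def http_get_json(url: str, headers: Dict[str, str]) -> dict:
    """Default transport: HTTPS GET, parse the JSON body."""
    req = urllib.request.Request(url, headers=headers)
    with urllib.request.urlopen(req, timeout=30) as resp:
        return json.loads(resp.read().decode("utf-8"))


class TaxiiClient:
    def __init__(self, base_url: str = DEFAULT_BASE, api_key: str = "",
                 transport: Callable[[str, Dict[str, str]], dict] = http_get_json):
        self.base = base_url.rstrip("/")
        self.transport = transport
        self.headers = {"Accept": TAXII_MEDIA_TYPE}
        if api_key:  # assumption: bearer-token auth; check the vendor's documentation
            self.headers["Authorization"] = f"Bearer {api_key}"

    def _get(self, url: str) -> dict:
        return self.transport(url, dict(self.headers))

    def api_roots(self) -> List[str]:
        """Discovery: GET <base>/taxii2/ returns the available API roots."""
        return list(self._get(f"{self.base}/taxii2/").get("api_roots", []))

    def collections(self, api_root: str) -> List[dict]:
        """GET <api_root>/collections/ lists the collections the caller may read."""
        return list(self._get(f"{api_root.rstrip('/')}/collections/").get("collections", []))

    def objects(self, api_root: str, collection_id: str,
                added_after: Optional[str] = None) -> Iterator[dict]:
        """Page through <api_root>/collections/<id>/objects/, following 'next' while 'more' is set."""
        url = f"{api_root.rstrip('/')}/collections/{collection_id}/objects/"
        next_token: Optional[str] = None
        while True:
            params = [f"added_after={added_after}"] if added_after else []
            if next_token:
                params.append(f"next={next_token}")
            envelope = self._get(url + ("?" + "&".join(params) if params else ""))
            yield from envelope.get("objects", [])
            next_token = envelope.get("next")
            if not envelope.get("more") or not next_token:
                return


def indicators_to_blocklist(objects: Iterator[dict]) -> Dict[str, List[str]]:
    """Collect ipv4/domain/url values from non-revoked indicators; list what was skipped."""
    found: Dict[str, set] = {"ipv4": set(), "domain": set(), "url": set()}
    skipped: List[str] = []
    for obj in objects:
        if obj.get("type") != "indicator" or obj.get("revoked"):
            continue
        match = _PATTERN_RE.fullmatch(obj.get("pattern", "").strip())
        if not match:
            skipped.append(obj.get("id", "?"))
            continue
        path, value = match.groups()
        found[_CATEGORY[path]].add(value)
    result: Dict[str, List[str]] = {k: sorted(v) for k, v in found.items()}
    result["skipped"] = skipped
    return result


def _demo_transport(url: str, headers: Dict[str, str]) -> dict:
    """Constructed in-memory TAXII server (two pages of objects) so the example runs offline."""
    assert headers["Accept"] == TAXII_MEDIA_TYPE
    root = f"{DEFAULT_BASE}/feeds"
    objects_url = f"{root}/collections/col-1/objects/?added_after=2025-06-01T00:00:00Z"
    responses = {
        f"{DEFAULT_BASE}/taxii2/": {"title": "demo", "api_roots": [root]},
        f"{root}/collections/": {"collections": [{"id": "col-1", "title": "IOCs", "can_read": True}]},
        objects_url: {"more": True, "next": "p2", "objects": [
            {"type": "indicator", "id": "indicator--1", "pattern": "[ipv4-addr:value = '203.0.113.10']"},
            {"type": "indicator", "id": "indicator--2", "pattern": "[domain-name:value = 'evil.example']"},
        ]},
        objects_url + "&next=p2": {"more": False, "objects": [
            {"type": "indicator", "id": "indicator--3", "pattern": "[url:value = 'http://evil.example/x']"},
            {"type": "indicator", "id": "indicator--4", "revoked": True,
             "pattern": "[ipv4-addr:value = '198.51.100.1']"},
            {"type": "indicator", "id": "indicator--5",
             "pattern": "[file:hashes.MD5 = 'd41d8cd98f00b204e9800998ecf8427e' AND file:name = 'a.exe']"},
        ]},
    }
    return responses[url]


def demo_blocklist() -> Dict[str, List[str]]:
    client = TaxiiClient(transport=_demo_transport)
    root = client.api_roots()[0]
    collection_id = client.collections(root)[0]["id"]
    return indicators_to_blocklist(client.objects(root, collection_id, added_after="2025-06-01T00:00:00Z"))


if __name__ == "__main__":
    print(json.dumps(demo_blocklist(), indent=2))
```

In production you would persist the timestamp of the last successful poll and pass it as `added_after` on the next run, so each poll only fetches new objects, and you would treat `skipped` as a review queue rather than silently dropping it: a compound pattern such as a hash AND a filename is still useful to an EDR rule even though it cannot be reduced to a single blocklist entry.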

For full access to TI Feeds, purchase or get a 14-day trial

After that, your infrastructure is enriched with uniquely sourced threat data. The feeds arrive ready for further processing: you can correlate them against your own logs, launch playbooks, and more.

Contact us to get help with configuration and integration 

About ANY.RUN 

ANY.RUN helps more than 500,000 cybersecurity professionals worldwide. Our interactive sandbox simplifies malware analysis of threats that target both Windows and Linux systems. Our threat intelligence products, TI Lookup, YARA Search, and Feeds, help you find IOCs or files to learn more about the threats and respond to incidents faster. 

Try ANY.RUN’s solutions to give your security operations a boost → 

The post Integrate Threat Intelligence Feeds via TAXII Protocol  appeared first on ANY.RUN’s Cybersecurity Blog.

ANY.RUN’s Cybersecurity Blog – Read More

Cyera Raises $540 Million to Expand AI-Powered Data Security Platform

Series E funding round brings Cyera’s total funding to over $1.3 billion and values the data security firm at $6 billion.

The post Cyera Raises $540 Million to Expand AI-Powered Data Security Platform appeared first on SecurityWeek.

SecurityWeek – Read More