Four arrested by UK police over ransomware attacks on M&S, Co-op and Harrods

/in

Britain’s National Crime Agency said police arrested one woman and three men suspected in ransomware attacks against major U.K. retailers.

The Record from Recorded Future News – ​Read More

Booz Allen Invests in Machine Identity Firm Corsha

/in

‘Machine identities’, often used interchangeably with ‘non-human identities’ (NHIs), have been increasing rapidly since the start of digital transformation.

The post Booz Allen Invests in Machine Identity Firm Corsha appeared first on SecurityWeek.

SecurityWeek – ​Read More

Millions of Cars Exposed to Remote Hacking via PerfektBlue Attack

/in

PCA Cyber Security has discovered critical vulnerabilities in the BlueSDK Bluetooth stack that could have allowed remote code execution on car systems.

The post Millions of Cars Exposed to Remote Hacking via PerfektBlue Attack appeared first on SecurityWeek.

SecurityWeek – ​Read More

What Can Businesses Do About Ethical Dilemmas Posed by AI?

/in

AI-made decisions are in many ways shaping and governing human lives. Companies have a moral, social, and fiduciary duty to responsibly lead its take-up.

The post What Can Businesses Do About Ethical Dilemmas Posed by AI? appeared first on SecurityWeek.

SecurityWeek – ​Read More

AirMDR Raises $15.5 Million for MDR Solution

/in

AI-powered MDR provider AirMDR has raised $15.5 million in funding (seed and infusion investment) to support its R&D efforts.

The post AirMDR Raises $15.5 Million for MDR Solution appeared first on SecurityWeek.

SecurityWeek – ​Read More

ServiceNow Flaw CVE-2025-3648 Could Lead to Data Exposure via Misconfigured ACLs

/in

A high-severity security flaw has been disclosed in ServiceNow’s platform that, if successfully exploited, could result in data exposure and exfiltration.
The vulnerability, tracked as CVE-2025-3648 (CVSS score: 8.2), has been described as a case of data inference in Now Platform through conditional access control list (ACL) rules. It has been codenamed Count(er) Strike.
“A vulnerability has

The Hacker News – ​Read More

How passkeys work: Do your favorite sites even support passkeys?

/in

Join us on a typical passkey journey from discovery to registration to authentication to deletion.

Latest stories for ZDNET in Security – ​Read More

North American APT Uses Exchange Zero-Day to Attack China

/in

Stories about Chinese APTs attacking the US and Canada are plentiful. In a turnabout, researchers found what they believe is a North American entity attacking a Chinese entity, thanks to a mysterious issue in Microsoft Exchange.

darkreading – ​Read More

McDonald’s AI Hiring Bot Exposed Millions of Applicants’ Data to Hackers Using the Password ‘123456’

/in

Basic security flaws left the personal info of tens of millions of McDonald’s job-seekers vulnerable on the “McHire” site built by AI software firm Paradox.ai.

Security Latest – ​Read More

A NVIDIA Container Bug & Chance to Harden Kubernetes

/in

A container escape flaw involving the NVIDIA Container Toolkit could have enabled a threat actor to access AI datasets across tenants.

darkreading – ​Read More