Apple Patches Dozens of Vulnerabilities Across iOS, macOS, and Safari

The updates fix vulnerabilities in WebKit, the kernel, WebRTC, Web Extensions, and other components affecting iPhone, iPad, Mac, and Safari users.

The post Apple Patches Dozens of Vulnerabilities Across iOS, macOS, and Safari appeared first on SecurityWeek.

SecurityWeek – ​Read More

Frontier AI: Six Questions Every Enterprise Should Ask Security Vendors

From model selection and automation to validation and measurable results, the right questions can help enterprises separate genuine AI capabilities from marketing hype.

The post Frontier AI: Six Questions Every Enterprise Should Ask Security Vendors appeared first on SecurityWeek.

SecurityWeek – ​Read More

Phantom Squatting Uses AI-Hallucinated Domains for Phishing and Malware

Large language models keep inventing web addresses that do not exist. Attackers have started buying those made-up domains before anyone else can, then hosting phishing pages on them to catch traffic that AI tools point their way.

Palo Alto Networks’ Unit 42 calls the trick phantom squatting, and its new research shows it is already happening in the wild.

The reason it matters is

The Hacker News – ​Read More

Anthropic Restores Claude Fable 5 After U.S. Lifts Jailbreak-Linked Export Controls

Anthropic is putting Claude Fable 5 back online worldwide. On June 30, the U.S. Commerce Department lifted the export controls it had imposed on Fable and its more tightly controlled sibling Mythos 5 about two and a half weeks earlier.

Fable 5 returns to users on Wednesday, July 1, across Claude.ai, the Claude Platform, Claude Code, and Claude Cowork.

Export controls restrict who can

The Hacker News – ​Read More

Dawnguard Raises $6.3 Million for Security Architecture Automation Platform

The company has publicly launched its solution to help organizations design, build, and operate secure cloud systems.

The post Dawnguard Raises $6.3 Million for Security Architecture Automation Platform appeared first on SecurityWeek.

SecurityWeek – ​Read More

Finally, an odor-free robot vacuum and mop that has no problem handling my pet’s hair

The Eufy Omni S2 improves on its predecessor with four times the suction power, and an odor-free mop roller.

Latest news – ​Read More

Massive Password Spray Campaign Targeting Azure CLI

Hackers were seen making over 81 million login attempts originating from systems associated with hosting provider LSHIY.

The post Massive Password Spray Campaign Targeting Azure CLI appeared first on SecurityWeek.

SecurityWeek – ​Read More

Azure CLI Password Spray Hits at Least 78 Microsoft Accounts in 81M+ Attempts

Cybersecurity researchers have warned of a “massive, ongoing, automated password spray attack” aimed at Microsoft’s Azure command-line interface (CLI), compromising dozens of accounts in the process.

The activity, per Huntress, originates from an IPv6 address range (2a0a:d683::/32) controlled by internet infrastructure provider LSHIY LLC (AS32167).

“Between June 12 and June 26, the threat

The Hacker News – ​Read More

Researcher Analyzes 3,000 Live ClickFix Payloads, Exposing API-Driven Malware Delivery

ClickFix, the trick that fools people into running malware by hand, has quietly grown a back office.

New research shows the malicious commands behind its fake “prove you’re human” pages are now handed out by API-driven servers that give each visitor the same malware in a different disguise. The same research also turned up a new delivery method built to slip past Windows’ script scanning.

The Hacker News – ​Read More

Google Patches 382 Chrome Vulnerabilities

Fifteen of the newly patched flaws have been rated ‘critical’ and 67 have been rated ‘high severity’.

The post Google Patches 382 Chrome Vulnerabilities appeared first on SecurityWeek.

SecurityWeek – ​Read More