Thousands of SaaS Apps Could Still Be Susceptible to nOAuth

/in

New research suggests more than 10,000 SaaS apps could remain vulnerable to a nOAuth variant despite the basic issue being disclosed in June 2023.

The post Thousands of SaaS Apps Could Still Be Susceptible to nOAuth appeared first on SecurityWeek.

SecurityWeek – ​Read More

Citrix Bleed 2 Flaw Enables Token Theft; SAP GUI Flaws Risk Sensitive Data Exposure

/in

Cybersecurity researchers have detailed two now-patched security flaws in SAP Graphical User Interface (GUI) for Windows and Java that, if successfully exploited, could have enabled attackers to access sensitive information under certain conditions.
The vulnerabilities, tracked as CVE-2025-0055 and CVE-2025-0056 (CVSS scores: 6.0), were patched by SAP as part of its monthly updates for January

The Hacker News – ​Read More

Glasgow City Council impacted by ‘cyber incident’

/in

The Glasgow City Council announced that it was affected by an incident “disrupting a number of online services and which may have involved the theft of customer data.”

The Record from Recorded Future News – ​Read More

XOR Marks the Flaw in SAP GUI

/in

The company has patched two vulnerabilities in its Graphical User Interface that would have allowed attackers to grab data from a user’s input history feature.

darkreading – ​Read More

Ring’s new generative AI feature is here to answer your ‘who’s there?’ or ‘what was that?’ questions

/in

Called Video Descriptions, the AI feature generates detailed descriptions of what your Ring camera sees and delivers it in your notifications.

Latest stories for ZDNET in Security – ​Read More

Ring cameras and doorbells now use AI to provide specific descriptions of motion activity

/in

Ring gets a new AI-powered feature that offers users specific text descriptions of current motion activity.

Security News | TechCrunch – ​Read More

SonicWall Warns of Trojanized NetExtender Stealing User Information

/in

SonicWall says a modified version of the legitimate NetExtender application contains information-stealing code.

The post SonicWall Warns of Trojanized NetExtender Stealing User Information appeared first on SecurityWeek.

SecurityWeek – ​Read More

New Vulnerabilities Expose Millions of Brother Printers to Hacking

/in

Rapid7 has found several serious vulnerabilities affecting over 700 printer models from Brother and other vendors. 

The post New Vulnerabilities Expose Millions of Brother Printers to Hacking appeared first on SecurityWeek.

SecurityWeek – ​Read More

Pro-Iranian Hacktivist Group Leaks Personal Records from the 2024 Saudi Games

/in

Thousands of personal records allegedly linked to athletes and visitors of the Saudi Games have been published online by a pro-Iranian hacktivist group called Cyber Fattah.
Cybersecurity company Resecurity said the breach was announced on Telegram on June 22, 2025, in the form of SQL database dumps, characterizing it as an information operation “carried out by Iran and its proxies.”
“The actors

The Hacker News – ​Read More

Code Execution Vulnerability Patched in GitHub Enterprise Server

/in

A high-severity vulnerability in GitHub Enterprise Server could have allowed remote attackers to execute arbitrary code.

The post Code Execution Vulnerability Patched in GitHub Enterprise Server appeared first on SecurityWeek.

SecurityWeek – ​Read More