Food delivery firm GrubHub has disclosed a data breach impacting the personal information of drivers and customers.
The post Personal Information Compromised in GrubHub Data Breach appeared first on SecurityWeek.
SecurityWeek – Read More
The Contec CMS8000 patient monitors do not contain a malicious backdoor but are plagued by an insecure and vulnerable design.
The post Contec Patient Monitors Not Malicious, but Still Pose Big Risk to Healthcare appeared first on SecurityWeek.
SecurityWeek – Read More
There has never been a single job description for the CISO – the role depends upon each company, its maturity, its size and resources, and the risk tolerance of boards.
The post Cyber Insights 2025: The CISO Outlook appeared first on SecurityWeek.
SecurityWeek – Read More
Python developers looking to integrate DeepSeek into their projects were targeted with malicious packages delivered through PyPI.
The post Developers Targeted With Malware Disguised as DeepSeek Package appeared first on SecurityWeek.
SecurityWeek – Read More
The February 2025 Android patches resolve 46 vulnerabilities, including a Linux kernel bug that has been exploited in the wild.
The post Vulnerability Patched in Android Possibly Exploited by Forensic Tools appeared first on SecurityWeek.
SecurityWeek – Read More
DeepSeek’s susceptibility to jailbreaks has been compared by Cisco to other popular AI models, including from Meta, OpenAI and Google.
The post DeepSeek Compared to ChatGPT, Gemini in AI Jailbreak Test appeared first on SecurityWeek.
SecurityWeek – Read More
Taiwan has become the latest country to ban government agencies from using Chinese startup DeepSeek’s Artificial Intelligence (AI) platform, citing security risks.
“Government agencies and critical infrastructure should not use DeepSeek, because it endangers national information security,” according to a statement released by Taiwan’s Ministry of Digital Affairs, per Radio Free Asia.
“DeepSeek
The Hacker News – Read More
An investigation into more than 300 cyberattacks against US K–12 schools over the past five years shows how schools can withhold crucial details from students and parents whose data was stolen.
Security Latest – Read More
Microsoft has released patches to address two Critical-rated security flaws impacting Azure AI Face Service and Microsoft Account that could allow a malicious actor to escalate their privileges under certain conditions.
The flaws are listed below –
CVE-2025-21396 (CVSS score: 7.5) – Microsoft Account Elevation of Privilege Vulnerability
CVE-2025-21415 (CVSS score: 9.9) – Azure AI Face Service
The Hacker News – Read More
Google has shipped patches to address 47 security flaws in its Android operating system, including one it said has come under active exploitation in the wild.
The vulnerability in question is CVE-2024-53104 (CVSS score: 7.8), which has been described as a case of privilege escalation in a kernel component known as the USB Video Class (UVC) driver.
Successful exploitation of the flaw could lead
The Hacker News – Read More