This ‘College Protester’ Isn’t Real. It’s an AI-Powered Undercover Bot for Cops

Massive Blue is helping cops deploy AI-powered social media bots to talk to people they suspect are anything from violent sex criminals all the way to vaguely defined “protesters.”

Source: Security Latest

CISA Issues Guidance After Oracle Cloud Hack

CISA is making recommendations for organizations and users in light of the recent Oracle legacy cloud environment hack.

Source: SecurityWeek

Critical Erlang/OTP SSH Vulnerability (CVSS 10.0) Allows Unauthenticated Code Execution

A critical security vulnerability has been disclosed in the Erlang/Open Telecom Platform (OTP) SSH implementation that could permit an attacker to execute arbitrary code sans any authentication under certain conditions.
The vulnerability, tracked as CVE-2025-32433, has been given the maximum CVSS score of 10.0.

“The vulnerability allows an attacker with network access to an Erlang/OTP SSH

Source: The Hacker News

Data-stealing cyberattacks are surging – 7 ways to protect yourself and your business

The number of infostealers sent through phishing emails jumped by 84% last year. IBM X-Force offers these recommendations for defending yourself from all manner of malware.

Source: Latest stories for ZDNET in Security

Update your iPhone now to patch a CarPlay glitch and two serious security flaws

Apple’s iOS 18.4.1 update fixes a bug with wireless CarPlay and resolves two security holes already exploited in targeted attacks.

Source: Latest stories for ZDNET in Security

MITRE Hackers’ Backdoor Has Targeted Windows for Years

Windows versions of the BrickStorm backdoor that the Chinese APT used in the MITRE hack last year have been active for years.

Source: SecurityWeek

CISA Flags Actively Exploited Vulnerability in SonicWall SMA Devices

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Wednesday added a security flaw impacting SonicWall Secure Mobile Access (SMA) 100 Series gateways to its Known Exploited Vulnerabilities (KEV) catalog, based on evidence of active exploitation.
The high-severity vulnerability, tracked as CVE-2021-20035 (CVSS score: 7.2), relates to a case of operating system command injection

Source: The Hacker News

Middle East, North Africa Security Spending to Top $3B

Gartner projects IT security spending in the MENA region will continue to increase in 2025, with security services accounting for the most growth.

Source: darkreading

Apple Patches Two Actively Exploited iOS Flaws Used in Sophisticated Targeted Attacks

Apple on Wednesday released security updates for iOS, iPadOS, macOS Sequoia, tvOS, and visionOS to address two security flaws that it said have come under active exploitation in the wild.
The vulnerabilities in question are listed below –

CVE-2025-31200 (CVSS score: 7.5) – A memory corruption vulnerability in the Core Audio framework that could allow code execution when processing an audio

Source: The Hacker News

GPS Spoofing Attacks Spike in Middle East, Southeast Asia

An Indian disaster-relief flight delivering aid is the latest air-traffic incident, as attacks increase in the Middle East and Myanmar and along the India-Pakistan border.

Source: darkreading