brangberg – Page 137

CISA Updates KEV Catalog with Four Actively Exploited Software Vulnerabilities

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Thursday added four security flaws to its Known Exploited Vulnerabilities (KEV) catalog, citing evidence of active exploitation in the wild.
The list of vulnerabilities is as follows –

CVE-2025-68645 (CVSS score: 8.8) – A PHP remote file inclusion vulnerability in Synacor Zimbra Collaboration Suite (ZCS) that could allow a

What an AI-Written Honeypot Taught Us About Trusting Machines

AI-generated code can introduce subtle security flaws when teams over-trust automated output. Intruder shows how an AI-written honeypot introduced hidden vulnerabilities that were exploited in attacks. […]

Fortinet Confirms FortiCloud SSO Exploitation Against Patched Devices

Similar to recent FortiCloud single sign-on (SSO) login vulnerabilities, the attacks bypass authentication.

The post Fortinet Confirms FortiCloud SSO Exploitation Against Patched Devices appeared first on SecurityWeek.

In Other News: €1.2B GDPR Fines, Net-NTLMv1 Rainbow Tables, Rockwell Security Notice

Other noteworthy stories that might have slipped under the radar: Cloudflare WAF bypass, Canonical Snap Store abused for malware delivery, Curl terminating bug bounty program

The post In Other News: €1.2B GDPR Fines, Net-NTLMv1 Rainbow Tables, Rockwell Security Notice appeared first on SecurityWeek.

Microsoft: Outlook for iOS crashes, freezes due to coding error

Microsoft confirmed today that Outlook mobile may crash or freeze when launched on iPad devices due to a coding error. […]

Phishers Abuse SharePoint in New Campaign Targeting Energy Sector

Threat actors are leveraging the file-sharing service for payload delivery in AitM phishing and BEC attacks.

The post Phishers Abuse SharePoint in New Campaign Targeting Energy Sector appeared first on SecurityWeek.

Hackers get $1,047,000 for 76 zero-days at Pwn2Own Automotive 2026

Pwn2Own Automotive 2026 has ended with security researchers earning $1,047,000 after exploiting 76 zero-day vulnerabilities between January 21 and January 23. […]

Fortinet Confirms Active FortiCloud SSO Bypass on Fully Patched FortiGate Firewalls

Fortinet has officially confirmed that it’s working to completely plug a FortiCloud SSO authentication bypass vulnerability following reports of fresh exploitation activity on fully-patched firewalls.
“In the last 24 hours, we have identified a number of cases where the exploit was to a device that had been fully upgraded to the latest release at the time of the attack, which suggested a new

Cyber Insights 2026: Regulations and the Tangled Mess of Compliance Requirements

Cyber regulations are where politics meets business – where business becomes subject to political realities.

The post Cyber Insights 2026: Regulations and the Tangled Mess of Compliance Requirements appeared first on SecurityWeek.

Under Armour Looking Into Data Breach Affecting Customers’ Email Addresses

Clothing retailer Under Armour is investigating a recent data breach that purloined customers’ email addresses and other personal information, but so far there are no signs the hackers stole any passwords or financial information. The breach is believed to have happened late last year, and affected 72 million email addresses, according to information cited by […]

The post Under Armour Looking Into Data Breach Affecting Customers’ Email Addresses appeared first on SecurityWeek.

Author: brangberg