brangberg – Page 458

Google Launches DBSC Open Beta in Chrome and Enhances Patch Transparency via Project Zero

Google has announced that it’s making a security feature called Device Bound Session Credentials (DBSC) in open beta to ensure that users are safeguarded against session cookie theft attacks.
DBSC, first introduced as a prototype in April 2024, is designed to bind authentication sessions to a device so as to prevent threat actors from using stolen cookies to sign-in to victims’ accounts and gain

Tonic Security Launches With $7 Million in Seed Funding

Tonic Security has emerged from stealth mode to tackle the complexity of exposure and vulnerability management.

The post Tonic Security Launches With $7 Million in Seed Funding appeared first on SecurityWeek.

Apple Patches Safari Vulnerability Flagged as Exploited Against Chrome

Tracked as CVE-2025-6558, the flaw was found in Chrome’s ANGLE and GPU components and was flagged as exploited by Google TAG.

The post Apple Patches Safari Vulnerability Flagged as Exploited Against Chrome appeared first on SecurityWeek.

Hackers Exploit SAP Vulnerability to Breach Linux Systems and Deploy Auto-Color Malware

Threat actors have been observed exploiting a now-patched critical SAP NetWeaver flaw to deliver the Auto-Color backdoor in an attack targeting a U.S.-based chemicals company in April 2025.
“Over the course of three days, a threat actor gained access to the customer’s network, attempted to download several suspicious files and communicated with malicious infrastructure linked to Auto-Color

Axonius Acquires Medical Device Security Firm Cynerio in $100 Million Deal

Axonius has acquired Cynerio for $100 million in cash and stock to accelerate its expansion into the healthcare market.

The post Axonius Acquires Medical Device Security Firm Cynerio in $100 Million Deal appeared first on SecurityWeek.

Scattered Spider Hacker Arrests Halt Attacks, But Copycat Threats Sustain Security Pressure

Google Cloud’s Mandiant Consulting has revealed that it has witnessed a drop in activity from the notorious Scattered Spider group, but emphasized the need for organizations to take advantage of the lull to shore up their defenses.
“Since the recent arrests tied to the alleged Scattered Spider (UNC3944) members in the U.K., Mandiant Consulting hasn’t observed any new intrusions directly

Author: brangberg

Google Launches DBSC Open Beta in Chrome and Enhances Patch Transparency via Project Zero

Tonic Security Launches With $7 Million in Seed Funding

Apple Patches Safari Vulnerability Flagged as Exploited Against Chrome

Hackers Exploit SAP Vulnerability to Breach Linux Systems and Deploy Auto-Color Malware

Axonius Acquires Medical Device Security Firm Cynerio in $100 Million Deal

Scattered Spider Hacker Arrests Halt Attacks, But Copycat Threats Sustain Security Pressure

Tea App Takes Messaging System Offline After Second Security Issue Reported

Minnesota activates National Guard after St. Paul cyberattack

Russian airline Aeroflot grounds dozens of flights after cyberattack

Lenovo Firmware Vulnerabilities Allow Persistent Implant Deployment