Google has released a security update for Chrome to address half a dozen vulnerabilities, one of them actively exploited by attackers to escape the browser’s sandbox protection. […]
China’s Salt Typhoon Hacked US National Guard
Chinese hacking group Salt Typhoon targeted a National Guard unit’s network and tapped into communications with other units.
The post China’s Salt Typhoon Hacked US National Guard appeared first on SecurityWeek.
New Konfety Malware Variant Evades Detection by Manipulating APKs and Dynamic Code
Cybersecurity researchers have discovered a new, sophisticated variant of a known Android malware referred to as Konfety that leverages the evil twin technique to enable ad fraud.
The sneaky approach essentially involves a scenario wherein two variants of an application share the same package name: A benign “decoy” app that’s hosted on the Google Play Store and its evil twin, which is
The sneaky approach essentially involves a scenario wherein two variants of an application share the same package name: A benign “decoy” app that’s hosted on the Google Play Store and its evil twin, which is
Urgent: Google Releases Critical Chrome Update for CVE-2025-6558 Exploit Active in the Wild
Google on Tuesday rolled out fixes for six security issues in its Chrome web browser, including one that it said has been exploited in the wild.
The high-severity vulnerability in question is CVE-2025-6558 (CVSS score: 8.8), which has been described as an incorrect validation of untrusted input in the browser’s ANGLE and GPU components.
“Insufficient validation of untrusted input in ANGLE and
The high-severity vulnerability in question is CVE-2025-6558 (CVSS score: 8.8), which has been described as an incorrect validation of untrusted input in the browser’s ANGLE and GPU components.
“Insufficient validation of untrusted input in ANGLE and
Deepfakes. Fake Recruiters. Cloned CFOs — Learn How to Stop AI-Driven Attacks in Real Time
Social engineering attacks have entered a new era—and they’re coming fast, smart, and deeply personalized.
It’s no longer just suspicious emails in your spam folder. Today’s attackers use generative AI, stolen branding assets, and deepfake tools to mimic your executives, hijack your social channels, and create convincing fakes of your website, emails, and even voice. They don’t just spoof—they
It’s no longer just suspicious emails in your spam folder. Today’s attackers use generative AI, stolen branding assets, and deepfake tools to mimic your executives, hijack your social channels, and create convincing fakes of your website, emails, and even voice. They don’t just spoof—they
Former US Soldier Who Hacked AT&T and Verizon Pleads Guilty
Cameron John Wagenius pleaded guilty to charges related to hacking into US telecommunications companies.
The post Former US Soldier Who Hacked AT&T and Verizon Pleads Guilty appeared first on SecurityWeek.
IoT Security Firm Exein Raises $81 Million
Italian company Exein has raised €70 million (~$81 million) in a Series C funding round led by Balderton.
The post IoT Security Firm Exein Raises $81 Million appeared first on SecurityWeek.
Google AI “Big Sleep” Stops Exploitation of Critical SQLite Vulnerability Before Hackers Act
Google on Tuesday revealed that its large language model (LLM)-assisted vulnerability discovery framework discovered a security flaw in the SQLite open-source database engine before it could have been exploited in the wild.
The vulnerability, tracked as CVE-2025-6965 (CVSS score: 7.2), is a memory corruption flaw affecting all versions prior to 3.50.2. It was discovered by Big Sleep, an
The vulnerability, tracked as CVE-2025-6965 (CVSS score: 7.2), is a memory corruption flaw affecting all versions prior to 3.50.2. It was discovered by Big Sleep, an
Chrome Update Patches Fifth Zero-Day of 2025
Google has released a Chrome 138 security update that patches a zero-day, the fifth resolved in the browser this year.
The post Chrome Update Patches Fifth Zero-Day of 2025 appeared first on SecurityWeek.
OpenAI’s image model gets built-in style feature on ChatGPT
OpenAI’s image gen model, which is available via ChatGPT for free, now lets you easily create AI images even if you’re not familiar with trends or prompt engineering. […]