Arizona-based Western Alliance Bank is notifying nearly 22,000 customers their personal information was stolen in October after a third-party vendor’s secure file transfer software was breached. […]
AI Is Turbocharging Organized Crime, EU Police Agency Warns
AI and other technologies “are a catalyst for crime, and drive criminal operations’ efficiency by amplifying their speed, reach, and sophistication,” the report said.
The post AI Is Turbocharging Organized Crime, EU Police Agency Warns appeared first on SecurityWeek.
Malicious Android ‘Vapor’ apps on Google Play installed 60 million times
Over 300 malicious Android applications downloaded 60 million items from Google Play acted as adware or attempted to steal credentials and credit card information. […]
New Windows zero-day exploited by 11 state hacking groups since 2017
At least 11 state-backed hacking groups from North Korea, Iran, Russia, and China have been exploiting a new Windows vulnerability in data theft and cyber espionage zero-day attacks since 2017. […]
Critical AMI BMC Vulnerability Exposes Servers to Disruption, Takeover
A critical vulnerability affecting baseboard management controller (BMC) firmware made by AMI could expose many devices to remote attacks.
The post Critical AMI BMC Vulnerability Exposes Servers to Disruption, Takeover appeared first on SecurityWeek.
Google Releases Major Update for Open Source Vulnerability Scanner
Google has integrated OSV-SCALIBR features into OSV-Scanner, its free vulnerability scanner for open source developers.
The post Google Releases Major Update for Open Source Vulnerability Scanner appeared first on SecurityWeek.
Google to purchase Wiz for $32 billion in cloud security play
Google has announced it entered into a definitive agreement to acquire Wiz, a leading cloud security platform, for $32 billion in an all-cash transaction. […]
New ‘Rules File Backdoor’ Attack Lets Hackers Inject Malicious Code via AI Code Editors
Cybersecurity researchers have disclosed details of a new supply chain attack vector dubbed Rules File Backdoor that affects artificial intelligence (AI)-powered code editors like GitHub Copilot and Cursor, causing them to inject malicious code.
“This technique enables hackers to silently compromise AI-generated code by injecting hidden malicious instructions into seemingly innocent
“This technique enables hackers to silently compromise AI-generated code by injecting hidden malicious instructions into seemingly innocent
Critical AMI MegaRAC bug can let attackers hijack, brick servers
A new critical severity vulnerability found in American Megatrends International’s MegaRAC Baseboard Management Controller (BMC) software can let attackers hijack and potentially brick vulnerable servers. […]
Blockchain gaming platform WEMIX hacked to steal $6.1 million
Blockchain gaming platform WEMIX suffered a cyberattack last month, allowing threat actors to steal 8,654,860 WEMIX tokens, valued at approximately $6,100,000 at the time. […]