Attackers could abuse Dify’s multi-tenant cloud service to read private chats, preview other tenants’ documents, and reach internal APIs.
The post Data Exposure Flaws Threaten Dify AI Platform Used by 1 Million Apps appeared first on SecurityWeek.
Category Added in a WPeMatico Campaign
Attackers could abuse Dify’s multi-tenant cloud service to read private chats, preview other tenants’ documents, and reach internal APIs.
The post Data Exposure Flaws Threaten Dify AI Platform Used by 1 Million Apps appeared first on SecurityWeek.
The high-severity use-after-free vulnerability in Samsung’s KNOX security framework affected Android-powered Galaxy devices from the S9 through S25.
The post Eight-Year-Old Samsung KNOX Flaw Exposed Millions of Galaxy Devices to Kernel Attacks appeared first on SecurityWeek.
Carl Froggett combines CISO and CIO. He currently occupies both positions at Deep Instinct. Before then, he was CISO at Citi for almost 17 years.
The post CISO Conversations: Carl Froggett – Combining CISO and CIO at Deep Instinct appeared first on SecurityWeek.
26-year-old Abdellah Belmili faces up to 30 years in prison for allegedly operating the marketplaces Market0Day and Spoxy.
The post Algerian Man Extradited to US for Running Cybercrime Marketplaces appeared first on SecurityWeek.
Attackers can send crafted media files to execute code in any application that uses FFmpeg’s libavcodec library.
The post FFmpeg PixelSmash Flaw Allows RCE on Video Players, Media Servers, NAS Appliances appeared first on SecurityWeek.
OpenAI has expanded its Daybreak cybersecurity initiative with a new suite of tools and partnerships.
The post OpenAI Refocuses Cybersecurity Efforts on Patching Over Discovery appeared first on SecurityWeek.
Using a custom sniffer, the threat actor has captured over 110 million credentials since at least February 2026.
The post Russian Initial Access Broker Behind FortiBleed Campaign appeared first on SecurityWeek.
Hackers stole customers’ names, addresses, email addresses, phone numbers, and account information.
The post Canadian Electricity Provider London Hydro Discloses Data Breach appeared first on SecurityWeek.
Federal agencies are required to transition high-value assets and high-impact systems to use PQC by the end of 2030 and 2031.
The post Trump Signs Executive Order Accelerating Post-Quantum Cryptography Migration appeared first on SecurityWeek.
Threat actors gained access to personal and protected health information that Xsolis received from its clients.
The post Xsolis Data Breach Affects 1.4 Million Individuals appeared first on SecurityWeek.
