Hackers compromised a MicroWorld Technologies update server and fed a malicious file to eScan customers.
The post eScan Antivirus Delivers Malware in Supply Chain Attack appeared first on SecurityWeek.
Category Added in a WPeMatico Campaign
In Other News: Paid for Being Jailed, Google’s $68M Settlement, CISA Chief’s ChatGPT Leak
Other noteworthy stories that might have slipped under the radar: Apple updates platform security guide, LastPass detects new phishing wave, CISA withdraws from RSA Conference.
The post In Other News: Paid for Being Jailed, Google’s $68M Settlement, CISA Chief’s ChatGPT Leak appeared first on SecurityWeek.
Aisy Launches Out of Stealth to Transform Vulnerability Management
Aisy has emerged from stealth mode with $2.3 million in seed funding for its AI-assisted platform.
The post Aisy Launches Out of Stealth to Transform Vulnerability Management appeared first on SecurityWeek.
175,000 Exposed Ollama Hosts Could Enable LLM Abuse
Among them, 23,000 hosts were persistently responsible for the majority of activity observed over 293 days of scanning.
The post 175,000 Exposed Ollama Hosts Could Enable LLM Abuse appeared first on SecurityWeek.
White House Scraps ‘Burdensome’ Software Security Rules
Two Biden-era memorandums have been revoked, but some of the resources they provide can still be used by government organizations.
The post White House Scraps ‘Burdensome’ Software Security Rules appeared first on SecurityWeek.
Hugging Face Abused to Deploy Android RAT
Android users were lured to applications that served a malicious payload hosted in a Hugging Face repository.
The post Hugging Face Abused to Deploy Android RAT appeared first on SecurityWeek.
ICS Devices Bricked in Russia-Linked Strike on Polish Power Grid
Sandworm/Electrum hackers targeted communication and control systems at 30 sites.
The post ICS Devices Bricked in Russia-Linked Strike on Polish Power Grid appeared first on SecurityWeek.
Ivanti Patches Exploited EPMM Zero-Days
The critical-severity vulnerabilities could allow unauthenticated attackers to execute arbitrary code remotely.
The post Ivanti Patches Exploited EPMM Zero-Days appeared first on SecurityWeek.
LLMs Hijacked, Monetized in ‘Operation Bizarre Bazaar’
An LLMjacking operation has been targeting exposed LLMs and MCPs at scale, for commercial monetization.
The post LLMs Hijacked, Monetized in ‘Operation Bizarre Bazaar’ appeared first on SecurityWeek.
N8n Vulnerabilities Could Lead to Remote Code Execution
The two bugs impacted n8n’s sandbox mechanism and could be exploited via weaknesses in the AST sanitization logic.
The post N8n Vulnerabilities Could Lead to Remote Code Execution appeared first on SecurityWeek.