August 2025 – Page 9

New Sni5Gect Attack Crashes Phones and Downgrades 5G to 4G without Rogue Base Station

A team of academics has devised a novel attack that can be used to downgrade a 5G connection to a lower generation without relying on a rogue base station (gNB).
The attack, per the ASSET (Automated Systems SEcuriTy) Research Group at the Singapore University of Technology and Design (SUTD), relies on a new open-source software toolkit named Sni5Gect (short for “Sniffing 5G Inject”) that’s

Beyond the Prompt: Building Trustworthy Agent Systems

Building secure AI agent systems requires a disciplined engineering approach focused on deliberate architecture and human oversight.

The post Beyond the Prompt: Building Trustworthy Agent Systems appeared first on SecurityWeek.

CISA warns of actively exploited Git code execution flaw

The U.S. Cybersecurity & Infrastructure Security Agency (CISA) is warning of hackers exploiting an arbitrary code execution flaw in the Git distributed version control system. […]

Beyond GDPR security training: Turning regulation into opportunity

Discover how GDPR compliance can spark real growth and give you a competitive advantage with practical strategies and a strong security culture. […]

Nissan confirms design studio data breach claimed by Qilin ransomware

Nissan Japan has confirmed to BleepingComputer that it suffered a data breach following unauthorized access to a server of one of its subsidiaries, Creative Box Inc. (CBI). […]

MixShell Malware Delivered via Contact Forms Targets U.S. Supply Chain Manufacturers

Cybersecurity researchers are calling attention to a sophisticated social engineering campaign that’s targeting supply chain-critical manufacturing companies with an in-memory malware dubbed MixShell.
The activity has been codenamed ZipLine by Check Point Research.
“Instead of sending unsolicited phishing emails, attackers initiate contact through a company’s public ‘Contact Us’ form, tricking

Healthcare Services Group Data Breach Impacts 624,000

The personal information of many individuals was stolen from Healthcare Services Group’s computer systems in 2024.

The post Healthcare Services Group Data Breach Impacts 624,000 appeared first on SecurityWeek.

CISA Unveils Tool to Boost Procurement of Software Supply Chain Security

Docker Desktop Vulnerability Leads to Host Compromise

A critical vulnerability in Docker Desktop allows attackers to modify the filesystem of Windows hosts to become administrators.

The post Docker Desktop Vulnerability Leads to Host Compromise appeared first on SecurityWeek.

AI Systems Vulnerable to Prompt Injection via Image Scaling Attack

Researchers show how popular AI systems can be tricked into processing malicious instructions by hiding them in images.

The post AI Systems Vulnerable to Prompt Injection via Image Scaling Attack appeared first on SecurityWeek.

Month: August 2025