Broadcom has released security updates to patch two high-severity VMware NSX vulnerabilities reported by the U.S. National Security Agency (NSA). […]
New Guidance Calls on OT Operators to Create Continually Updated System Inventory
Agencies in several countries have created guidance titled ‘Creating and Maintaining a Definitive View of Your OT Architecture’.
The post New Guidance Calls on OT Operators to Create Continually Updated System Inventory appeared first on SecurityWeek.
California Gov. Gavin Newsom Signs Bill Creating AI Safety Measures
The Transparency in Frontier Artificial Intelligence Act (TFAIA) requires AI companies to implement and disclose publicly safety protocols to prevent their most advanced models from being used to cause major harm.
The post California Gov. Gavin Newsom Signs Bill Creating AI Safety Measures appeared first on SecurityWeek.
High-Severity Vulnerabilities Patched in VMware Aria Operations, NSX, vCenter
The flaws could allow attackers to escalate privileges, manipulate notifications, and enumerate usernames.
The post High-Severity Vulnerabilities Patched in VMware Aria Operations, NSX, vCenter appeared first on SecurityWeek.
Stop Alert Chaos: Context Is the Key to Effective Incident Response
The Problem: Legacy SOCs and Endless Alert Noise
Every SOC leader knows the feeling: hundreds of alerts pouring in, dashboards lighting up like a slot machine, analysts scrambling to keep pace. The harder they try to scale people or buy new tools, the faster the chaos multiplies. The problem is not just volume; it is the model itself. Traditional SOCs start with rules, wait for alerts to fire,
Every SOC leader knows the feeling: hundreds of alerts pouring in, dashboards lighting up like a slot machine, analysts scrambling to keep pace. The harder they try to scale people or buy new tools, the faster the chaos multiplies. The problem is not just volume; it is the model itself. Traditional SOCs start with rules, wait for alerts to fire,
Webinar Today: AI and the Trust Dilemma: Balancing Innovation and Risk
Webinar: How do you embrace AI’s potential while defending against its threats?
The post Webinar Today: AI and the Trust Dilemma: Balancing Innovation and Risk appeared first on SecurityWeek.
Urgent: China-Linked Hackers Exploit New VMware Zero-Day Since October 2024
A newly patched security flaw impacting Broadcom VMware Tools and VMware Aria Operations has been exploited in the wild as a zero-day since mid-October 2024 by a threat actor called UNC5174, according to NVISO Labs.
The vulnerability in question is CVE-2025-41244 (CVSS score: 7.8), a local privilege escalation bug affecting the following versions –
The vulnerability in question is CVE-2025-41244 (CVSS score: 7.8), a local privilege escalation bug affecting the following versions –
VMware Cloud Foundation 4.x and 5.x
VMware
Apple Updates iOS and macOS to Prevent Malicious Font Attacks
The vulnerability could lead to a denial-of-service condition or memory corruption when a malicious font is processed.
The post Apple Updates iOS and macOS to Prevent Malicious Font Attacks appeared first on SecurityWeek.
Cyberattack on Beer Giant Asahi Disrupts Production
The incident has resulted in a system failure that impacted orders and shipments in Japan, and call center operations.
The post Cyberattack on Beer Giant Asahi Disrupts Production appeared first on SecurityWeek.
New Android Trojan “Datzbro” Tricking Elderly with AI-Generated Facebook Travel Events
Cybersecurity researchers have flagged a previously undocumented Android banking trojan called Datzbro that can conduct device takeover (DTO) attacks and perform fraudulent transactions by preying on the elderly.
Dutch mobile security company ThreatFabric said it discovered the campaign in August 2025 after users in Australia reported scammers managing Facebook groups promoting “active senior
Dutch mobile security company ThreatFabric said it discovered the campaign in August 2025 after users in Australia reported scammers managing Facebook groups promoting “active senior