Flaw allows attackers to reset and hijack TP-Link TL-WA855RE devices; CISA urges users to retire discontinued extenders.
The post US Cybersecurity Agency Flags Wi-Fi Range Extender Vulnerability Under Active Attack appeared first on SecurityWeek.
Hackers use new HexStrike-AI tool to rapidly exploit n-day flaws
Hackers are increasingly using a new AI-powered offensive security framework called HexStrike-AI in real attacks to exploit newly disclosed n-day flaws. […]
US sues robot toy maker for exposing children’s data to Chinese devs
The U.S. Department of Justice has sued toy maker Apitor Technology for allegedly allowing a Chinese third party to collect children’s geolocation data without their knowledge and parental consent. […]
Police disrupts Streameast, largest pirated sports streaming network
The Alliance for Creativity and Entertainment (ACE) and Egyptian authorities have shut down Streameast, the world’s largest illegal live sports streaming network, and arrested two people allegedly associated with the operation. […]
SaaS giant Workiva discloses data breach after Salesforce attack
Workiva, a leading cloud-based SaaS (Software as a Service) provider, notified its customers that attackers who gained access to a third-party customer relationship management (CRM) system stole some of their data. […]
Google Patches High-Severity Chrome Vulnerability in Latest Update
Chrome’s latest release addresses a high-severity use-after-free vulnerability in the V8 JavaScript engine that could be exploited for remote code execution.
The post Google Patches High-Severity Chrome Vulnerability in Latest Update appeared first on SecurityWeek.
Google fixes actively exploited Android flaws in September update
Google has released the September 2025 security update for Android devices, addressing a total of 84 vulnerabilities, including two actively exploited flaws. […]
Disney to pay $10M to settle claims it collected kids’ data on YouTube
Disney will pay $10 million to settle claims by the U.S. Federal Trade Commission that it mislabeled videos for children on YouTube, which allowed the collection of kids’ personal information without their consent or notification to their parents. […]
They know where you are: Cybersecurity and the shadow world of geolocation
Geolocation is the invisible attack vector. From Stuxnet to today’s APTs, malware now lies dormant until it hits the right place—turning location data into a weapon. Acronis’ TRU explains why defenses must evolve beyond VPNs and perimeter controls. […]
Cato Networks Acquires AI Security Firm Aim Security
Founded in 2022 to help organizations with the secure deployment of generative-AI utilities, Aim emerged from stealth in January 2024.
The post Cato Networks Acquires AI Security Firm Aim Security appeared first on SecurityWeek.