Blog – Page 485 – Cyber Mike

Red Hat OpenShift AI Flaw Exposes Hybrid Cloud Infrastructure to Full Takeover

A severe security flaw has been disclosed in the Red Hat OpenShift AI service that could allow attackers to escalate privileges and take control of the complete infrastructure under certain conditions.
OpenShift AI is a platform for managing the lifecycle of predictive and generative artificial intelligence (GenAI) models at scale and across hybrid cloud environments. It also facilitates data

Chinese APT ‘Phantom Taurus’ Targeting Organizations With Net-Star Malware

Focused on espionage, the threat actor shares infrastructure with Chinese APTs, but uses different TTPs in attacks.

The post Chinese APT ‘Phantom Taurus’ Targeting Organizations With Net-Star Malware appeared first on SecurityWeek.

Canadian Airline WestJet Says Hackers Stole Customer Data

The company says names, contact details, and ID documents provided in connection with reservations and travel were stolen from its systems.

The post Canadian Airline WestJet Says Hackers Stole Customer Data appeared first on SecurityWeek.

NIST Publishes Guide for Protecting ICS Against USB-Borne Threats

NIST Special Publication 1334 focuses on reducing cybersecurity risks associated with the use of removable media devices in OT environments.

The post NIST Publishes Guide for Protecting ICS Against USB-Borne Threats appeared first on SecurityWeek.

2025 Cybersecurity Reality Check: Breaches Hidden, Attack Surfaces Growing, and AI Misperceptions Rising

Bitdefender’s 2025 Cybersecurity Assessment Report paints a sobering picture of today’s cyber defense landscape: mounting pressure to remain silent after breaches, a gap between leadership and frontline teams, and a growing urgency to shrink the enterprise attack surface.
The annual research combines insights from over 1,200 IT and security professionals across six countries, along with an

Hackers Exploit Milesight Routers to Send Phishing SMS to European Users

Unknown threat actors are abusing Milesight industrial cellular routers to send SMS messages as part of a smishing campaign targeting users in European countries since at least February 2022.
French cybersecurity company SEKOIA said the attackers are exploiting the cellular router’s API to send malicious SMS messages containing phishing URLs, with the campaigns primarily targeting Sweden, Italy,

Descope Raises $35 Million in Seed Round Extension

The identity and access management provider will invest in agentic identity R&D, expand to new regions, and hire new talent.

The post Descope Raises $35 Million in Seed Round Extension appeared first on SecurityWeek.

Cybersecurity Awareness Month 2025:Prioritizing Identity to Safeguard Critical Infrastructure

This year’s theme focuses on government entities and small and medium-sized businesses that are vital to protecting the systems and services that keep our communities running.

The post Cybersecurity Awareness Month 2025:Prioritizing Identity to Safeguard Critical Infrastructure appeared first on SecurityWeek.

Broadcom Fails to Disclose Zero-Day Exploitation of VMware Vulnerability

Impacting VMware Aria Operations and VMware Tools, the flaw can be exploited to elevate privileges on the VM.

The post Broadcom Fails to Disclose Zero-Day Exploitation of VMware Vulnerability appeared first on SecurityWeek.

New Android Banking Trojan “Klopatra” Uses Hidden VNC to Control Infected Smartphones

A previously undocumented Android banking trojan called Klopatra has compromised over 3,000 devices, with a majority of the infections reported in Spain and Italy.
Italian fraud prevention firm Cleafy, which discovered the sophisticated malware and remote access trojan (RAT) in late August 2025, said it leverages Hidden Virtual Network Computing (VNC) for remote control of infected devices and

Cyber News