A newly discovered FileFix social engineering attack impersonates Meta account suspension warnings to trick users into unknowingly installing the StealC infostealer malware. […]
Neon Cyber Emerges from Stealth, Shining a Light into the Browser
Neon Cyber argues that phishing, social engineering, and insider threats demand protections that follow users into the browser, where most attacks now begin.
The post Neon Cyber Emerges from Stealth, Shining a Light into the Browser appeared first on SecurityWeek.
Rowhammer Attack Demonstrated Against DDR5
Researchers devise Phoenix, a new Rowhammer attack that achieves root on DDR5 systems in less than two minutes.
The post Rowhammer Attack Demonstrated Against DDR5 appeared first on SecurityWeek.
Apple Backports Fix for CVE-2025-43300 Exploited in Sophisticated Spyware Attack
Apple on Monday backported fixes for a recently patched security flaw that has been actively exploited in the wild.
The vulnerability in question is CVE-2025-43300 (CVSS score: 8.8), an out-of-bounds write issue in the ImageIO component that could result in memory corruption when processing a malicious image file.
“Apple is aware of a report that this issue may have been exploited in an
The vulnerability in question is CVE-2025-43300 (CVSS score: 8.8), an out-of-bounds write issue in the ImageIO component that could result in memory corruption when processing a malicious image file.
“Apple is aware of a report that this issue may have been exploited in an
Webinar: Your browser is the breach — securing the modern web edge
The web browser has quietly become one of the most critical components of enterprise infrastructure—and one of the most dangerous. Join BleepingComputer, SC Media, and Push Security on September 29 at 12:00 PM ET for a live webinar on how attackers are targeting the browser to hijack sessions, steal data, and bypass security. […]
Securing the Agentic Era: Introducing Astrix’s AI Agent Control Plane
AI agents are rapidly becoming a core part of the enterprise, being embedded across enterprise workflows, operating with autonomy, and making decisions about which systems to access and how to use them. But as agents grow in power and autonomy, so do the risks and threats.
Recent studies show 80% of companies have already experienced unintended AI agent actions, from unauthorized system
Recent studies show 80% of companies have already experienced unintended AI agent actions, from unauthorized system
ChatGPT’s New Calendar Integration Can Be Abused to Steal Emails
EdisonWatch researchers demonstrated the new hack after OpenAI added support for MCP tools in ChatGPT.
The post ChatGPT’s New Calendar Integration Can Be Abused to Steal Emails appeared first on SecurityWeek.
Fraud Prevention Company SEON Raises $80 Million in Series C Funding
The company will invest in its AI and real-time detection platform, in global expansion, and in strategic partnerships.
The post Fraud Prevention Company SEON Raises $80 Million in Series C Funding appeared first on SecurityWeek.
Apple Rolls Out iOS 26, macOS Tahoe 26 With Patches for Over 50 Vulnerabilities
Apple has announced major mobile and desktop platform releases and addressed an exploited bug in older platforms.
The post Apple Rolls Out iOS 26, macOS Tahoe 26 With Patches for Over 50 Vulnerabilities appeared first on SecurityWeek.
Endpoint Security Firm Remedio Raises $65 Million in First Funding Round
The bootstrapped company will invest in an AI-powered unified enterprise platform combining configuration, compliance, patching, and vulnerability management.
The post Endpoint Security Firm Remedio Raises $65 Million in First Funding Round appeared first on SecurityWeek.