New CPU side-channel attacks named SLAP and FLOP can be exploited to remotely steal data from Apple mobile and desktop devices.
The post New SLAP and FLOP CPU Attacks Expose Data From Apple Computers, Phones appeared first on SecurityWeek.
Aquabot Botnet Targeting Vulnerable Mitel Phones
The Mirai-based Aquabot botnet has been targeting a vulnerability in Mitel SIP phones for which a proof-of-concept (PoC) exploit exists.
The post Aquabot Botnet Targeting Vulnerable Mitel Phones appeared first on SecurityWeek.
Smiths Group Scrambling to Restore Systems Following Cyberattack
Engineering firm Smiths Group has disclosed a cyberattack that forced it to take some systems offline and activate business continuity plans.
The post Smiths Group Scrambling to Restore Systems Following Cyberattack appeared first on SecurityWeek.
AI in Cybersecurity: What’s Effective and What’s Not – Insights from 200 Experts
Curious about the buzz around AI in cybersecurity? Wonder if it’s just a shiny new toy in the tech world or a serious game changer? Let’s unpack this together in a not-to-be-missed webinar that goes beyond the hype to explore the real impact of AI on cybersecurity.
Join Ravid Circus, a seasoned pro in cybersecurity and AI, as we peel back the layers of AI in cybersecurity through a revealing
Join Ravid Circus, a seasoned pro in cybersecurity and AI, as we peel back the layers of AI in cybersecurity through a revealing
Rockwell Patches Critical, High-Severity Vulnerabilities in Several Products
Rockwell Automation has released six new security advisories to inform customers about several critical and high-severity vulnerabilities.
The post Rockwell Patches Critical, High-Severity Vulnerabilities in Several Products appeared first on SecurityWeek.
Cyber Insights 2025: Artificial Intelligence
Artificial intelligence is upending cybersecurity. It is used by adversaries in their attacks, and by defenders in their defense.
The post Cyber Insights 2025: Artificial Intelligence appeared first on SecurityWeek.
New SLAP & FLOP Attacks Expose Apple M-Series Chips to Speculative Execution Exploits
A team of security researchers from Georgia Institute of Technology and Ruhr University Bochum has demonstrated two new side-channel attacks targeting Apple silicon that could be exploited to leak sensitive information from web browsers like Safari and Google Chrome.
The attacks have been codenamed Data Speculation Attacks via Load Address Prediction on Apple Silicon (SLAP) and Breaking the
The attacks have been codenamed Data Speculation Attacks via Load Address Prediction on Apple Silicon (SLAP) and Breaking the
SimpleHelp Remote Access Software Exploited in Attacks
Threat actors have been exploiting SimpleHelp remote access software shortly after the disclosure of three vulnerabilities.
The post SimpleHelp Remote Access Software Exploited in Attacks appeared first on SecurityWeek.
How Interlock Ransomware Infects Healthcare Organizations
Ransomware attacks have reached an unprecedented scale in the healthcare sector, exposing vulnerabilities that put millions at risk. Recently, UnitedHealth revealed that 190 million Americans had their personal and healthcare data stolen during the Change Healthcare ransomware attack, a figure that nearly doubles the previously disclosed total.
This breach shows just how deeply ransomware
This breach shows just how deeply ransomware
Critical Cacti Security Flaw (CVE-2025-22604) Enables Remote Code Execution
A critical security flaw has been disclosed in the Cacti open-source network monitoring and fault management framework that could allow an authenticated attacker to achieve remote code execution on susceptible instances.
The flaw, tracked as CVE-2025-22604, carries a CVSS score of 9.1 out of a maximum of 10.0.
“Due to a flaw in the multi-line SNMP result parser, authenticated users can inject
The flaw, tracked as CVE-2025-22604, carries a CVSS score of 9.1 out of a maximum of 10.0.
“Due to a flaw in the multi-line SNMP result parser, authenticated users can inject