Aggregator

Foxconn Confirms Cyberattack After Nitrogen Ransomware Gang Claim

Cyber Security News
1 month 1 week ago

Foxconn has officially confirmed a cyberattack targeting its North American operations after the Nitrogen ransomware gang publicly listed the company on its data leak site, claiming to have stolen a staggering 8 terabytes of sensitive data. The Nitrogen ransomware group made its move on Monday, posting Foxconn on its breach and extortion portal and asserting […]

The post Foxconn Confirms Cyberattack After Nitrogen Ransomware Gang Claim appeared first on Cyber Security News.

Guru Baran

Fragnesia Linux Vulnerability Let Attackers Gain Root Privileges – PoC Released

Cyber Security News
1 month 1 week ago

A newly disclosed Linux kernel vulnerability dubbed Fragnesia allows any local unprivileged user to escalate privileges to root without requiring a race condition, making it one of the more reliable local privilege escalation exploits seen in recent years. Discovered by William Bowling of the V12 security team, Fragnesia joins a growing class of dangerous kernel […]

The post Fragnesia Linux Vulnerability Let Attackers Gain Root Privileges – PoC Released appeared first on Cyber Security News.

Guru Baran

Microsoft's MDASH AI System Finds 16 Windows Flaws Fixed in Patch Tuesday

The Hackers News
1 month 1 week ago
Microsoft has unveiled a new multi-model artificial intelligence (AI)-driven system called MDASH to facilitate vulnerability discovery and remediation at scale, adding that it's being tested by some customers as part of a limited private preview. MDASH, short for multi-model agentic scanning harness, is designed as a model-agnostic system that uses bespoke AI agents for different vulnerability
The Hacker News

Quest KACE SMA flaw CVE-2025-32975: when one unpatched tool opens the door to 60 organizations

Security Affairs
1 month 1 week ago
CVE-2025-32975 is a critical flaw in Quest KACE SMA used for endpoint management. If exploited, it could impact all managed systems across organizations. CVE-2025-32975 is a critical flaw in Quest KACE SMA used for endpoint management. If exploited, it could impact all managed systems across organizations. Quest KACE SMA is an on-premises endpoint management platform […]
Pierluigi Paganini

CVE-2026-23870

CVE Trends
1 month 1 week ago
Currently trending CVE - Hype Score: 4 - A denial of service vulnerability could be triggered by sending specially crafted HTTP requests to server function endpoints, this could lead to server crashes, out-of-memory exceptions or excessive CPU usage; affecting the following packages: react-server-dom-webpack, ...

Signal responds to phishing attacks with new in-app security warnings

Help Net Security
1 month 1 week ago

Signal is adding new protections for users following recent phishing and social engineering attacks. In March, the FBI and CISA issued a warning stating that Signal had become a primary target of Russian intelligence-linked hackers. Dutch and German security authorities were among the first to identify phishing campaigns targeting Signal users. The scheme centered on Signal’s “linked devices” feature. Attackers contacted targets while posing as trusted entities, including support teams or known contacts. Victims were … More →

The post Signal responds to phishing attacks with new in-app security warnings appeared first on Help Net Security.

Sinisa Markovic

Managed ad