Aggregator

Даже одно фишинговое письмо способно обрушить безопасность целой экосистемы.

French authorities announced the arrest in Ukraine of an alleged administrator of the long-running cybercrime forum XSS.is. A joint investigation conducted by French police, Ukrainian authorities, and Europol led to the arrest of the suspected administrator of the major Russian-speaking cybercrime forum xss.is. “The Paris prosecutor’s office announced on Wednesday, July 23, that an individual […]

As crawlers and bots bog down websites in the era of AI, some researchers say that the solution for the Internet's most vulnerable websites is already here.

A vulnerability was found in Cisco DNA Center. It has been classified as critical. Affected is an unknown function of the component Diagnostic Handler. The manipulation leads to incorrect privilege assignment. This vulnerability is traded as CVE-2021-1303. It is possible to launch the attack remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in Cisco Identity Services Engine. It has been declared as critical. This vulnerability affects unknown code of the component X.509 Certificate Handler. The manipulation leads to improper certificate validation. This vulnerability was named CVE-2021-1134. The attack can be initiated remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability classified as problematic was found in Cisco DNA Center. Affected by this vulnerability is an unknown functionality of the component API Endpoint Handler. The manipulation leads to information disclosure. This vulnerability is known as CVE-2021-34782. The attack can be launched remotely. There is no exploit available. It is recommended to upgrade the affected component.

An investigation led by the French Police and Paris Prosecutor, in close cooperation with their Ukrainian counterparts and Europol, has resulted in the arrest of the suspected administrator of xss[.]is, one of the world’s most influential Russian-speaking cybercrime platforms. The forum, which had more than 50,000 registered users, served as a key marketplace for stolen […]

The post Key Administrator of World’s Most Popular XSS Dark Web Cybercrime Platform Arrested appeared first on Cyber Security News.

Proton has launched a new tool called Lumo, offering a privacy-first AI assistant that does not log user conversations and doesn't use their prompts for training. [...]

Amazzon Beee Buzzzz: It records everything you say (and what people around you say, too).

The post Amazon AI Privacy Panic — Bee Brings Bezos Panopticon appeared first on Security Boulevard.

It also builds on previous efforts to promote “secure by design” principles in AI systems and tools.

The post Trump AI plan pushes critical infrastructure to use AI for cyber defense appeared first on CyberScoop.

A fresh strain of the long-running macOS.ZuRu family has surfaced, hiding inside a doctored of the popular Termius SSH client and quietly turning developer workstations into remote footholds. First seen in late May 2025, the 248 MB rogue disk image looks and behaves like the genuine installer but stealthily inserts a 25 MB Mach-O binary […]

The post New ZuRu Malware Variant Weaponizes Termius SSH Client to Attack macOS Users appeared first on Cyber Security News.

Clorox is suing IT giant Cognizant for gross negligence, alleging it enabled a massive August 2023 cyberattack by resetting an employee's password for a hacker without first verifying their identity. [...]

Five Nevada men, including a German citizen, received prison sentences of up to 84 months for operating Jetflicks, one of the largest illegal television streaming services in United States history.  The defendants generated millions in criminal profits by distributing copyrighted content through sophisticated automated systems that bypassed legitimate licensing agreements, causing an estimated $37.5 million […]

The post Jetflicks Illegal Paid Streaming Service Operators Jailed for 7 Years appeared first on Cyber Security News.