Notícias

The US and allies are urging Cisco Catalyst SD-WAN customers to hunt for signs of exploitation

UNC2814 hit 53 victims in 42 countries with novel backdoor in decade long cyber espionage operation

The Microsoft Defender team has discovered a coordinated campaign targeting software developers through malicious repositories posing as legitimate Next.js projects and technical assessment materials, including recruiting coding tests. [...]

Internet-facing VPNs, routers, and remote access services absorbed sustained exploitation attempts throughout the second half of 2025, with nearly 3 billion malicious sessions recorded over 162 days. The concentration on edge infrastructure aligns with how attackers pursue initial access across the public internet. GreyNoise's State of the Edge data set covers 2.97 billion sessions observed between July 23 and December 31, 2025, across sensors in more than 80 countries. Activity averaged roughly 212 malicious sessions … More → The post Edge systems take the brunt of internet-wide exploitation attempts appeared first on Help Net Security.

OpenClaw has sparked heavy Telegram and dark web chatter, but Flare's data shows more research hype than mass exploitation. Flare explains how its telemetry found real supply-chain risk in the skills marketplace, yet limited signs of large-scale criminal operationalization. [...]

submitted by /u/gquere [link] [comments]

Google has fixed three high-severity Chrome flaws that could enable remote exploitation. The post Google Patches Three High-Severity Chrome Flaws appeared first on eSecurity Planet.

16 zero-day security flaws found in Foxit and Apryse PDF platforms could lead to account takeover and RCE. Learn how AI identified these risks.

Patched in December 2025, the exploited flaw leads to XSS attacks via the animate tags in SVG documents. The post Recent RoundCube Webmail Vulnerability Exploited in Attacks appeared first on SecurityWeek.

Here's an overview of some of last week's most interesting news, articles, interviews and videos: Security at AI speed: The new CISO reality The CISO role has changed significantly over the past decade, but according to John White, EMEA Field CISO, Torq, the most disruptive shift is accountability driven by agentic AI. In this Help Net Security interview, White explains how security leaders must design and govern hybrid workforces where humans and AI agents operate … More → The post Week in review: Firmware-level Android backdoor found on tablets, Dell zero-day exploited since 2024 appeared first on Help Net Security.