CrowdStrike claims that Falcon for IT Risk-based Patching solves this problem by bringing vulnerability management and patch implementation together within the Falcon console. It uses proprietary intelligence and AI models to determine which vulnerabilities are most likely to be exploited in practice. With features such as Patch Safety Scores and sensor intelligence, teams should be able to patch faster, more securely, and on a larger scale without disruption.
Mollema has studied Entra ID security in depth and published multiple studies about weaknesses in the system, which was formerly known as Azure Active Directory. But while preparing to present at the Black Hat security conference in Las Vegas in July, Mollema discovered two vulnerabilities that he realized could be used to gain global administrator privileges (essentially god mode) and compromise every Entra ID directory, or what is known as a "tenant."
"SilentSync is capable of remote command execution, file exfiltration, and screen capturing," Zscaler ThreatLabz's Manisha Ramcharan Prajapati and Satyam Singh said. "SilentSync also extracts web browser data, including credentials, history, autofill data, and cookies from web browsers like Chrome, Brave, Edge, and Firefox." The packages, now no longer available for download from PyPI, are listed below. They were both uploaded by a user named "CondeTGAPIS."
Accordingly, OpenAI mitigated the prompt-injection technique ShadowLeak fell to, but only after Radware privately alerted the LLM maker to it. A proof-of-concept attack that Radware published embedded a prompt injection into an email sent to a Gmail account that Deep Research had been given access to. The injection included instructions to scan received emails related to a company's human resources department for the names and addresses of employees. Deep Research dutifully followed those instructions.
October 2, 2025, marks the end of general support for VMware's version 7. After that, Broadcom won't release any new security patches or fixes, and you won't be able to log vendor support tickets for these versions. You'll still have access to previously published updates under the self-service policy (although this could change in time), but there won't be anything new coming.
Scalekit's authentication stack, purpose-built for agentic apps, is tailored for Model Context Protocol (MCP) servers, allowing security teams to easily add an OAuth 2.1 authorization server. According to the startup, its solution enables developers to rapidly add an encrypted token vault, along with a tool-calling layer, so that AI agents can act on a user's behalf in popular services such as Gmail, HubSpot, Notion, and Slack.
That's a great example of somebody we want to bring in closer into the fold, to say again, as a global community, how can we really take a better look - more holistic look - at CVEs and what it means for defenders worldwide?
Samsung has issued a patch to resolve a critical vulnerability impacting its Android smartphone users. All impacted phone models will receive the fix, which patches a vulnerability tracked as . The security flaw, issued a critical base score of 8.8 by Samsung Mobile (a CNA), is described as an "out-of-bounds write in libimagecodec.quram.so prior to SMR Sep-2025 Release 1 allows remote attackers to execute arbitrary code."
The Pixie Dust hack involves an attacker who is in range of the targeted Wi-Fi network capturing the initial WPS handshake, which contains data that can then be cracked offline to obtain the WPS PIN. The attack leverages the fact that on some devices random numbers are generated using predictable or low-entropy methods. The attacker only needs seconds to capture the WPS handshake and the PIN can then be obtained offline within minutes or even seconds.
The ShinyHunters extortion group claims to have stolen over 1.5 billion Salesforce records from 760 companies using compromised Salesloft Drift OAuth tokens. For the past year, the threat actors have been targeting Salesforce customers in data theft attacks using social engineering and malicious OAuth applications to breach Salesforce instances and download data. The stolen data is then used to extort companies into paying a ransom to prevent the data from being publicly leaked.