#vulnerability-exploitation

[ follow ]
#cybersecurity #ransomware #cloud-security #phishing #cisa #malware #attack-surface-management #zero-day-response
Information security
fromThe Hacker News
1 day ago

The Zero-Day Scramble is Avoidable: A Guide to Attack Surface Reduction

Teams must reduce unnecessary internet-facing exposure to minimize vulnerability exploitation risk, as time-to-exploit windows are shrinking to hours or minutes.
Information security
fromZDNET
2 days ago

Cybercriminals are using AI to attack the cloud faster - and third-party software is the weak link

AI accelerates vulnerability exploitation from weeks to days, forcing organizations to adopt AI-powered automated defenses against cloud attacks targeting weak third-party software.
fromSecurityWeek
5 days ago

Rockwell Vulnerability Allowing Remote ICS Hacking Exploited in Attacks

The vulnerability, related to an insufficiently protected cryptographic key, could allow a remote, unauthenticated attacker to bypass verification and connect to a targeted controller by mimicking an engineering workstation. In a real-world industrial environment, the vulnerability could allow remote attackers to manipulate PLC logic and disrupt manufacturing processes, or even cause physical damage to equipment.
Information security
Privacy professionals
fromTheregister
1 week ago

LexisNexis Legal & Professional confirms data breach

LexisNexis Legal & Professional division experienced a data breach affecting legacy servers, with Fulcrumsec claiming responsibility for exploiting a vulnerable React container to access approximately 2 GB of data.
Information security
fromComputerWeekly.com
2 weeks ago

Application exploitation back in vogue, says IBM cyber unit | Computer Weekly

Cyber attacks exploiting vulnerable public-facing applications increased 44%, surpassing credential abuse attacks, with AI tools accelerating vulnerability discovery and exploitation.
Information security
fromThe Hacker News
2 weeks ago

From Exposure to Exploitation: How AI Collapses Your Response Window

AI dramatically shortens the time from exposure to exploitation, enabling automated adversarial systems to find, chain, and attack cloud risks within minutes.
Information security
fromTheregister
1 month ago

Vulnerability exploits now dominate intrusions

Exploit of disclosed vulnerabilities now causes most intrusions, with attackers weaponizing new flaws within hours while many organizations patch slowly.
fromDataBreaches.Net
2 months ago

US, Australia say 'MongoBleed' bug being exploited - DataBreaches.Net

U.S. and Australian cyber agencies confirmed that hackers are exploiting a vulnerability that emerged over the Christmas holiday and is impacting data storage systems from the company MongoDB. The issue drew concern on December 25 when a prominent researcher published exploit code for CVE-2025-14847 - a vulnerability MongoDB announced on December 15 and patched on December 19.
Information security
Information security
fromTheregister
2 months ago

Tabletop exercises look a little different this year

Run tabletop cyber-incident exercises that account for AI-accelerated attacks and defenders' AI use to ensure rapid detection, containment, and organizational resilience.
Information security
fromThe Hacker News
2 months ago

Amazon Exposes Years-Long GRU Cyber Campaign Targeting Energy and Cloud Infrastructure

GRU-linked APT44 ran a 2021–2025 campaign targeting Western critical infrastructure, exploiting misconfigured network edge devices and known software vulnerabilities.
Information security
fromThe Hacker News
4 months ago

Weekly Recap: Lazarus Hits Web3, Intel/AMD TEEs Cracked, Dark Web Leak Tool & More

Cyberattacks are increasingly sophisticated, exploiting new vulnerabilities, trusted systems, and encrypted backups to conduct espionage, ransomware, and phishing across diverse targets.
Information security
fromIT Pro
5 months ago

Foreign states ramp up cyber attacks on EU with AI-driven phishing and DDoS campaigns

EU public administration faces intense state-aligned cyberespionage; phishing drives initial intrusions, hacktivist DDoS dominates incident counts, and vulnerability exploitation remains significant.
#cybersecurity
Remote teams
fromThe Hacker News
9 months ago

Chinese Hackers Exploit Trimble Cityworks Flaw to Infiltrate U.S. Government Networks

UAT-6382 exploited a vulnerability in Trimble Cityworks to establish persistent access through advanced malware and web shells.
more#cybersecurity
Privacy professionals
fromMail Online
10 months ago

Urgent warning to all 3b Gmail users over 'sophisticated' hack

Google has encountered a sophisticated phishing attack threatening 1.8 billion Gmail users, which exploits existing vulnerabilities in its infrastructure.
[ Load more ]