Vendors
-
Hacker Threw MacBook Air in River after Breach that Exposed 33.7 Million Accounts
Investigators recovered a MacBook Air thrown into a river after a breach that exposed data for 33.7 million users. The company detailed a 1.685 trillion won compensation package and a government-led probe to manage the response.
-
Critical authentication bypass in IBM API Connect prompts urgent patching
A critical authentication bypass in IBM API Connect, tracked as CVE-2025-13915 and affecting several 10.0.8.x and 10.0.11.0 releases, can grant unauthorized access without user interaction. IBM issued interim fixes and advised disabling developer self-service if unable to patch.
-
Jamf finds MacSync macOS stealer delivered in signed, notarized Swift installer
Jamf researchers found a MacSync macOS stealer variant delivered in a code-signed, notarized Swift installer inside a DMG that could bypass Gatekeeper; Apple revoked the signing certificate and analysis links the payload to the rebranded Mac.c infostealer with remote command-and-control capabilities.
-
ServiceNow to buy Armis for $7.75 billion to expand device-focused security
ServiceNow agreed to buy Armis for $7.75 billion to expand its security offerings into device and cyber-physical exposure management, combining Armis’ asset discovery with ServiceNow’s workflow and risk products and citing AI-driven automation as a core rationale.
-
Italy fines Apple €98.6 million over App Tracking Transparency practices
Italy’s competition authority fined Apple €98.6 million, saying App Tracking Transparency exempted Apple apps and forced developers into a burdensome double-consent process; Apple plans to appeal.
-
Critical vulnerability in n8n workflow platform could allow code execution (CVE-2025-68613)
A critical vulnerability in the n8n workflow automation platform (CVE-2025-68613) with a CVSS score of 9.9 could allow authenticated users to trigger arbitrary code execution; patches are available and Censys reports over 103,000 potentially vulnerable instances.
-
South Korea to require facial scans for new mobile accounts to curb scams
The South Korean government will require facial recognition scans for new mobile accounts to curb scams, using biometric data stored in carriers’ PASS apps, after major data breaches and a large compensation order for SK Telecom customers.
-
UEFI firmware flaw leaves early-boot DMA protections uninitialized on multiple motherboards
A firmware flaw affecting ASRock, ASUS, GIGABYTE and MSI motherboards can leave the IOMMU uninitialized during early boot, allowing an attacker with physical access to use a DMA-capable PCIe device to read or modify system memory; four CVEs have been assigned and vendors have released firmware updates.
-
HPE fixes critical OneView flaw rated CVSS 10.0 that allows remote code execution
Hewlett Packard Enterprise has fixed a CVSS 10.0 vulnerability in OneView (CVE-2025-37164) that could allow unauthenticated remote code execution; patches, version 11.00 and hotfixes for earlier releases, are available and should be applied promptly.
-
Kimsuky campaign uses QR codes to deliver DocSwap Android malware, South Korean firm says
South Korean firm ENKI linked the North Korean actor Kimsuky to a campaign distributing a DocSwap Android trojan via QR codes on phishing sites impersonating CJ Logistics; the malware decrypts an embedded APK, registers a RAT service and accepts many remote commands.