Vulnerabilities
-
AMEOS Group Shuts Down Network Following Cyber Attack
Following a serious cyber attack, the AMEOS Group has shut down its network, raising concerns over patient data security across its European hospitals.
-
Mitel Issues Critical Security Patch for MiVoice MX-ONE Amid Vulnerability Concerns
Mitel Networks has released critical security updates for its MiVoice MX-ONE platform, addressing an authentication bypass vulnerability and a high-severity SQL injection flaw in MiCollab, urging customers to apply patches promptly.
-
Hacker Compromises Amazon’s AI Coding Extension, Raises Concerns Over Security
A hacker compromised Amazon’s AI coding extension, raising serious concerns about the security of generative AI tools and software supply chains. The incident highlights critical vulnerabilities in the integration of open-source code and underscores the need for improved security measures.
-
Cybersecurity Experts Discover Stealthy Backdoor in WordPress Sites
Cybersecurity researchers have uncovered a dangerous backdoor embedded in WordPress sites’ mu-plugins directory, giving hackers persistent access to execute commands without detection.
-
White House Unveils AI Action Plan with Cybersecurity Focus Amid Budget Concerns
The White House has introduced an AI action plan filled with cybersecurity measures, as it aims to secure the United States’ leadership in artificial intelligence. The plan faces scrutiny for its lack of specific implementation guidelines amidst proposed federal budget cuts.
-
National Nuclear Security Administration Targeted in SharePoint Vulnerability Attacks
The National Nuclear Security Administration has been hacked as part of a widespread campaign exploiting a Microsoft SharePoint vulnerability, with the potential breach of numerous government and private sector organizations. No sensitive information appears compromised, according to officials.
-
New Coyote Banking Trojan Exploits Microsoft UI Automation to Target Users
The Coyote banking trojan has been detected using Microsoft’s UI Automation framework to extract banking credentials, marking a significant evolution in malware tactics. Cybersecurity researchers at Akamai confirm it is the first time this technique has been actively exploited, primarily targeting Brazilian users and adapting its methods to evade traditional detection systems.
-
Critical Infrastructure Monitoring Program Halted Due to Lapsed Funding
The expiration of government funding for the CyberSentry Program has raised alarms over cybersecurity vulnerabilities in U.S. critical infrastructure. Program director Nate Gleason highlighted concerns about halted monitoring and an evolving threat landscape during a congressional hearing, as calls for renewed funding grow amidst fears of potential cyberattacks.
-
CISA and FBI Warn of Rising Interlock Ransomware Threats Targeting Businesses
CISA and the FBI have alerted businesses about a significant increase in Interlock ransomware attacks, which primarily target the healthcare sector. The advisory includes strategies for network defense against these sophisticated double extortion threats.
-
Cybersecurity Threats Escalate as Greedy Sponge Targets Mexican Organizations
A sustained campaign by the hacking group Greedy Sponge targets Mexican organizations, deploying modified forms of AllaKore RAT and SystemBC, indicative of heightened cybersecurity risks and persistent operational success.
