Vulnerabilities
-
Crosswalk Button Hacking Sparks Safety Concerns in U.S. Cities
Crosswalk buttons in various U.S. cities have been hacked to emit AI-generated voices of tech moguls, raising safety concerns for pedestrians, particularly the visually impaired, as municipalities scramble to address these vulnerabilities.
-
Organizations Struggle to Address Cybersecurity Vulnerabilities, New Report Reveals
A recent report from Cobalt has revealed that organizations are fixing less than half of their cybersecurity vulnerabilities, with serious implications for security posture, particularly regarding generative AI applications.
-
Cybercriminals Exploit Zoom’s Remote Control Feature to Install Malware
Cybercriminals are exploiting Zoom’s remote control feature to install malware, targeting high-profile individuals through deceptive invitations to participate in podcasts, resulting in significant financial losses.
-
AI-Driven Fraud Threats Challenge Identity Verification in Cybersecurity
As AI-driven technology becomes more prevalent among cybercriminals, firms specializing in identity verification, such as Trulioo and Microblink, face an ongoing battle to counter increasingly convincing synthetic identities and fraudulent documents, emphasizing the need for advanced AI detection methods and multilayered defenses.
-
China’s Mustang Panda Expands Malware Arsenal Amid Surveillance Efforts
Mustang Panda, a state-sponsored Chinese hacking group, has expanded its malware capabilities with four new tools, including keyloggers, as part of its ongoing surveillance efforts. These enhancements highlight a significant escalation in their cyber espionage activities.
-
CISA Identifies Exploited Windows Vulnerability: Urgent Fixes Required
CISA has identified a medium-severity vulnerability in Microsoft Windows, designated CVE-2025-24054, which has come under active exploitation. The vulnerability, tied to the deprecated NTLM authentication protocol, allows unauthorized access to sensitive data. Urgent measures are required to secure systems against ongoing attacks targeting both governmental and private institutions.
-
US Government Agrees to Continue Funding CVE Program Amid Concerns
In a crucial move for the cybersecurity sector, the US government has agreed to extend funding for the Common Vulnerabilities and Exposures (CVE) program amid concerns over its future. Following MITRE’s announcement that federal support was about to end, this extension ensures the continuity of CVE services, which are pivotal in identifying and managing technology…
-
End of CVE Program Sparks Concerns Among Cybersecurity Experts
The Department of Homeland Security’s decision to let its contract with MITRE expire could jeopardize the future of the Common Vulnerabilities and Exposures (CVE) program, raising alarms among cybersecurity experts about the potential disruption to vulnerability tracking and management.
-
AI Presentation Tool Exploited in Phishing Scams, Experts Warn
Research from Abnormal Security reveals that the AI presentation tool Gamma is being exploited in phishing attacks to trick users into revealing their credentials via counterfeit communications.
-
Organizations Struggle to Address Cyber Vulnerabilities, Despite Increased Pentesting Efforts
A recent report reveals that organizations are addressing less than half of exploitable vulnerabilities, particularly in Generative AI applications, underscoring the need for improved security measures despite widespread recognition of the importance of pentesting.
