Forbes

Microsoft Confirms Critical Windows Defender Security Vulnerability

A Dec. 12 posting to Microsoft’s security update guide has confirmed that a Windows Defender vulnerability, rated as critical according to Microsoft itself, could have enabled an attacker who ...
CSO Online

Claude AI vulnerability exposes enterprise data through code interpreter exploit

Security researcher demonstrates how attackers can hijack Anthropic’s file upload API to exfiltrate sensitive information, ...
GamesIndustry

Unity discovers "major security vulnerability" in development tool dating back to 2017

Unity has discovered a "major security vulnerability" affecting games made using its development tool dating back to 2017. According to a Common Vulnerabilities and Exposures (CVE) analysis, "if an ...
Nextgov

CISA officials commit to supporting top vulnerability cataloging program

Get the latest federal technology news delivered to your inbox. LAS VEGAS — Two Cybersecurity and Infrastructure Security Agency officials committed to supporting the MITRE-backed Common ...
Krebs on Security

Funding Expires for Key Cyber Vulnerability Database

A critical resource that cybersecurity professionals worldwide rely on to identify, mitigate and fix security vulnerabilities in software and hardware is in danger of breaking down. The federally ...

"Concerns Over a Second Telecom Hacking" KAIST Discovers Security Vulnerability in 'LTE Core Network'

With the recent SK Telecom hacking incident and the KT micro-payment case highlighting the importance of mobile communication security more than ever, ...
WinBuzzer

Anthropic Claude Flaw Lets Attackers Steal Data Using AI’s Own API

A critical vulnerability in Anthropic's Claude AI allows attackers to exfiltrate user data via a chained exploit that abuses ...
TechSpot

Major TSA security flaw exposed, simple SQL vulnerability could have allowed access to airplane cockpits

Why it matters: Security researchers have uncovered a major vulnerability that could have allowed anyone to bypass airport security and even access airplane cockpits. The flaw was found in the login ...
CSOonline

Security researchers find deep flaws in CVSS vulnerability scoring system

Cybersecurity experts from financial giant JPMorganChase say the cybersecurity community is being misled about the severity of vulnerabilities by the CVSS, which threatens to seriously hinder ...
Ars Technica

Critical vulnerability in Atlassian Confluence server is under “mass exploitation”

A critical vulnerability in Atlassian’s Confluence enterprise server app that allows for malicious commands and resets servers is under active exploitation by threat actors in attacks that install ...
PC World

Millions of Dell laptops hit by ‘critical’ security vulnerability

Time and again, dangerous security vulnerabilities are discovered in the hardware of certain manufacturers. Lenovo AIO PCs landed in the news as recently as last week, and now Dell laptop owners need ...
Ars Technica

Ongoing attacks on Ivanti VPNs install a ton of sneaky, well-written malware

Networks protected by Ivanti VPNs are under active attack by well-resourced hackers who are exploiting a critical vulnerability that gives them complete control over the network-connected devices.