The U.S. Cybersecurity and Infrastructure Security Agency (CISA) released a warning about malicious actors that are actively using remote access trojans (RATs) and commercial spyware to target users of mobile messaging apps. “These cyber actors use sophisticated targeting and social engineering techniques to deliver spyware and gain unauthorized access to a victim’s messaging app, facilitating […]
Based on evidence of active exploitation, the U.S. Cybersecurity and Infrastructure Security Agency (CISA) added a significant security vulnerability affecting WatchGuard Fireware to its Known Exploited Vulnerabilities (KEV) list. The vulnerability in question is CVE-2025-9242 (CVSS score: 9.3), an out-of-bounds write vulnerability that affects Fireware OS versions 11.10.2 through 11.12.4_Update1, 12.0 through 12.11.3, and 2025.1. […]
To meet new security standards, such as a reduction in the validity time of SSL/TLS server certificates to 47 days, IBM Japan, Ltd. introduced a new solution based on HashiCorp Vault (henceforth referred to as “Vault”) and Red Hat Ansible Automation Platform (henceforth referred to as “AAP”). This system improves security by automating the whole […]
Lockheed Martin and Google Public Sector announced a strategic partnership to incorporate Google’s cutting-edge generative AI—including its Gemini models—into the Lockheed Martin AI Factory. Through this partnership, Google’s robust AI tools will be implemented in Lockheed Martin’s safe, on-site, and air-gapped environments, making them accessible to employees throughout the company. It is intended to enable […]
Ten malicious npm packages that are intended to transmit an information stealer targeting Windows, Linux, and macOS systems have been found by cybersecurity researchers. “The malware uses four layers of obfuscation to hide its payload, displays a fake CAPTCHA to appear legitimate, fingerprints victims by IP address, and downloads a 24MB PyInstaller-packaged information stealer that […]
The European Union’s Digital Services Act (DSA), which came into force in August 2023 for very large online platforms (VLOPs) and search engines (VLOSEs), and February 2024 for all other platforms, aims to make the digital space safer while protecting users’ fundamental rights. The law covers platforms including Instagram, TikTok, X, LinkedIn, Shein, Booking.com, and […]
