Attackers Can Use Browser Extensions to Inject AI Prompts – Dark Reading
A proof-of-concept attack shows how threat actors can use a poisoned browser extension to inject malicious prompts into a generative AI tool. – Read More
Cyber
Erneuter Hackerangriff bei Orange – CSO Online
width=”2470″ height=”1389″ sizes=”(max-width: 2470px) 100vw, 2470px”> Nachdem bereits im Februar die rumänische Niederlassung gehackt wurde, geriet Orange nun erneut unter Beschuss. Arsenie Krasnevsky – shutterstock.com Der französische Telekommunikationsanbieter Orange hat…
Dobrindt prüft Einsatz von US-Software Palantir – CSO Online
Kann sich den Einsatz von Palantir vorstellen: Bundesinnenminister Dobrindt hotocosmos1 – shutterstock.com Bundesinnenminister Alexander Dobrindt (CSU) prüft den bundesweiten Einsatz der umstrittenen Analyse-Software des US-Unternehmens Palantir. Eine Sprecherin des Ministeriums…
Ransomware upstart Gunra goes cross-platform with encryption upgrades – CSO Online
A new Linux variant of the “Gunra” ransomware family has been identified with highly configurable multithreading, allowing attackers to run up to 100 parallel encryptions. A Trend Micro research underlined…
Chinese Firms Linked to Silk Typhoon Filed 15+ Patents for Cyber Espionage Tools – The Hacker News
Chinese companies linked to the state-sponsored hacking group known as Silk Typhoon (aka Hafnium) have been identified as behind over a dozen technology patents, shedding light on the shadowy cyber…
Palo Alto Networks eyes $20B CyberArk deal as identity security takes center stage – CSO Online
Palo Alto Networks is closing in on what could be its biggest bet yet: a more than $20 billion acquisition of Israeli identity security company CyberArk, according to a Wall…
Product Walkthrough: A Look Inside Pillar’s AI Security Platform – The Hacker News
In this article, we will provide a brief overview of Pillar Security’s platform to better understand how they are tackling AI security challenges. Pillar Security is building a platform to…
Apple Patches Safari Vulnerability Also Exploited as Zero-Day in Google Chrome – The Hacker News
Apple on Tuesday released security updates for its entire software portfolio, including a fix for a vulnerability that Google said was exploited as a zero-day in the Chrome web browser…
Google Launches DBSC Open Beta in Chrome and Enhances Patch Transparency via Project Zero – The Hacker News
Google has announced that it’s making a security feature called Device Bound Session Credentials (DBSC) in open beta to ensure that users are safeguarded against session cookie theft attacks. DBSC,…
African Orgs Fall to Mass Microsoft SharePoint Exploits – Dark Reading
The National Treasury of South Africa is among the half-dozen known victims in South Africa — along with other nations — of the mass compromise of on-premises Microsoft SharePoint servers.…
Hackers Exploit SAP Vulnerability to Breach Linux Systems and Deploy Auto-Color Malware – The Hacker News
Threat actors have been observed exploiting a now-patched critical SAP NetWeaver flaw to deliver the Auto-Color backdoor in an attack targeting a U.S.-based chemicals company in April 2025. “Over the…
Prepping for the quantum threat requires a phased approach to crypto agility – CSO Online
Enterprises need to act now to address the threats future quantum computing advances pose to current encryption standards. But the transition to post-quantum cryptography can only be achieved by a…
How CISOs can scale down without compromising security – CSO Online
Years ago, David Mahdi, now a CISO advisor at Transmit Security, found himself in a situation no security leader wants to face: abrupt, mid-year budget cuts, with no option to…
Scattered Spider Hacker Arrests Halt Attacks, But Copycat Threats Sustain Security Pressure – The Hacker News
Google Cloud’s Mandiant Consulting has revealed that it has witnessed a drop in activity from the notorious Scattered Spider group, but emphasized the need for organizations to take advantage of…
MCP‑Sicherheit: Das Rückgrat von Agentic AI sichern – CSO Online
Im Zuge von Agentic AI sollten sich CISOs mit MCP-Sicherheit auseinandersetzen. Wanan Wanan – shutterstock.com Das Model Context Protocol (MCP) wurde erst Ende 2024 vorgestellt, dennoch sind die technologischen Folgen…