Newspaper

Industry News

General cybersecurity industry news, market trends, and analysis

Critical Bug Could Expose 300,000 Ollama Deployments to Information Theft

SecurityWeek

Industry News

Critical Bug Could Expose 300,000 Ollama Deployments to Information Theft

Dubbed Bleeding Llama, the heap out-of-bounds read issue can be exploited remotely, without authentication.

SecurityWeek2d ago2m1

Critical Remote Code Execution Vulnerability Patched in Android

SecurityWeek

Industry News

Critical Remote Code Execution Vulnerability Patched in Android

CVE-2026-0073 affects Android’s System component and it can be exploited without any user interaction.

SecurityWeek2d ago2m1

The Back Door Attackers Know About — and Most Security Teams Still Haven’t Closed

The Hacker News

Industry News

The Back Door Attackers Know About — and Most Security Teams Still Haven’t Closed

OAuth tokens without expiry enable breaches like Drift attack on 700+ firms, bypassing MFA and exposing sensitive data.

The Hacker News2d ago7m1

Industry News

How the Story of a USB Penetration Test Went Viral

Dark Reading

Industry News

How the Story of a USB Penetration Test Went Viral

Two decades ago Dark Reading posted its first blockbuster — a story from a pen tester who sprinkled rigged thumb drives around a credit union parking lot and let curious employees do the rest. This episode looks back at the history-making column with its author Steve Stasiukonis, Dark Reading sen...

Dark Reading2d ago1m1

Industry News

MetInfo CMS CVE-2026-29014 Exploited for Remote Code Execution Attacks

Threat actors are actively exploiting a critical security flaw impacting an open-source content management system (CMS) known as MetInfo, according to new findings from VulnCheck. The vulnerability in question is CVE-2026-29014 (CVSS score: 9.8), a code injection flaw that could result in arbitra...

The Hacker News2d ago1m1

Critical, High-Severity Vulnerabilities Patched in Apache MINA, HTTP Server

SecurityWeek

Industry News

Critical, High-Severity Vulnerabilities Patched in Apache MINA, HTTP Server

The most severe of these security defects could allow remote attackers to execute arbitrary code.

SecurityWeek2d ago2m1

Karakurt Ransomware Negotiator Sentenced to Prison

SecurityWeek

Industry News

Karakurt Ransomware Negotiator Sentenced to Prison

Deniss Zolotarjovs was directly involved in extortion strategies and in negotiations with victim companies.

SecurityWeek2d ago2m1

We Scanned 1 Million Exposed AI Services. Here's How Bad the Security Actually Is

The Hacker News

Industry News

We Scanned 1 Million Exposed AI Services. Here's How Bad the Security Actually Is

AI infrastructure exposes 1M services from 2M hosts due to weak defaults, increasing risk of data leaks and system compromise

The Hacker News2d ago6m1

MetInfo, Weaver E-cology Vulnerabilities in Attackers’ Crosshairs

SecurityWeek

Industry News

MetInfo, Weaver E-cology Vulnerabilities in Attackers’ Crosshairs

The security defects allow unauthenticated, remote attackers to execute arbitrary code through crafted requests.

SecurityWeek2d ago2m1

ScarCruft Hacks Gaming Platform to Deploy BirdCall Malware on Android and Windows

The Hacker News

Industry News

ScarCruft Hacks Gaming Platform to Deploy BirdCall Malware on Android and Windows

ScarCruft spreads BirdCall via sqgame.net since late 2024, targeting Android users, enabling surveillance and data theft.

The Hacker News2d ago4m1

WhatsApp Discloses File Spoofing, Arbitrary URL Scheme Vulnerabilities

SecurityWeek

Industry News

WhatsApp Discloses File Spoofing, Arbitrary URL Scheme Vulnerabilities

The vulnerabilities were reported to Meta through its bug bounty program and were patched with updates released earlier this year.

SecurityWeek3d ago3m1