Category: Uncategorized
-
CERT Polska Details Coordinated Cyber Attacks on 30+ Wind and Solar Farms [email protected] (The Hacker News)
CERT Polska, the Polish computer emergency response team, revealed that coordinated cyber attacks targeted more than 30 wind and photovoltaic farms, a private company from the manufacturing sector, and a large combined heat and power plant (CHP) supplying heat to almost half a million customers in the country. The incident took place on December 29,…
-
Quantifying cyber risk at Netflix, Highmark Health: Case studies
Show me the money: In these case studies, learn how the FAIR model helped a nonprofit healthcare company and a streaming giant quantify cyber risk in financial terms.Read More
-
News brief: Patch critical and high-severity vulnerabilities now
Check out the latest security news from the Informa TechTarget team.Read More
-
5 deepfake detection tools to protect enterprise users
Deepfakes are wreaking havoc worldwide — and they’re likely just getting started. To fight fire with fire, CISOs should consider AI-enabled deepfake detection tools.Read More
-
Researchers Uncover Chrome Extensions Abusing Affiliate Links and Stealing ChatGPT Access [email protected] (The Hacker News)
Cybersecurity researchers have discovered malicious Google Chrome extensions that come with capabilities to hijack affiliate links, steal data, and collect OpenAI ChatGPT authentication tokens. One of the extensions in question is Amazon Ads Blocker (ID: pnpchphmplpdimbllknjoiopmfphellj), which claims to be a tool to browse Amazon without any sponsored content. It was uploaded to the ChromeRead…
-
China-Linked UAT-8099 Targets IIS Servers in Asia with BadIIS SEO Malware [email protected] (The Hacker News)
Cybersecurity researchers have discovered a new campaign attributed to a China-linked threat actor known as UAT-8099 that took place between late 2025 and early 2026. The activity, discovered by Cisco Talos, has targeted vulnerable Internet Information Services (IIS) servers located across Asia, but with a specific focus on targets in Thailand and Vietnam. The scale…
-
Badges, Bytes and Blackmail [email protected] (The Hacker News)
Behind the scenes of law enforcement in cyber: what do we know about caught cybercriminals? What brought them in, where do they come from and what was their function in the crimescape? Introduction: One view on the scattered fight against cybercrime The growing sophistication and diversification of cybercrime have compelled law enforcement agencies worldwide to…
-
Ex-Google Engineer Convicted for Stealing 2,000 AI Trade Secrets for China Startup [email protected] (The Hacker News)
A former Google engineer accused of stealing thousands of the company’s confidential documents to build a startup in China has been convicted in the U.S., the Department of Justice (DoJ) announced Thursday. Linwei Ding (aka Leon Ding), 38, was convicted by a federal jury on seven counts of economic espionage and seven counts of theft…
-
SmarterMail Fixes Critical Unauthenticated RCE Flaw with CVSS 9.3 Score [email protected] (The Hacker News)
SmarterTools has addressed two more security flaws in SmarterMail email software, including one critical security flaw that could result in arbitrary code execution. The vulnerability, tracked as CVE-2026-24423, carries a CVSS score of 9.3 out of 10.0. “SmarterTools SmarterMail versions prior to build 9511 contain an unauthenticated remote code execution vulnerability in the ConnectToHub APIRead…
-
Versa Concerto SD-WAN Authentication Bypass
What is the Vulnerability? A critical security vulnerability (CVE-2025-34026) has been identified in the Versa Concerto SD-WAN orchestration platform, impacting versions 12.1.2 through 12.2.0. The issue allows unauthorized actors to bypass standard authentication controls and access internal management components. If exploited, this vulnerability could expose sensitive system information and increase the risk of broader platform…