Ubiquiti patches three critical vulnerabilities in UniFi OS
The vulnerabilities, identified as CVE-2026-34908, CVE-2026-34909, and CVE-2026-34910, allow for unauthorized system changes, path traversal for accessing un...
SC Media
20 articles
Cisco warns of AI inaccuracies in security incident reports
Cisco's research highlights several key issues with AI-generated reports, including inconsistency and standardization challenges due to LLMs using different ...
Organizations knowingly ship vulnerable code amid shrinking exploit windows
New research from Checkmarx reveals that 75% of organizations admit to frequently or sometimes deploying code they are aware is vulnerable.
Kash Patel's merchandise site hacked to distribute malware
The attack on Based Apparel, reportedly an attempt to distribute infostealer malware designed to steal user credentials, was first brought to light by a user...
TVs, Old York, Flipper One, Ubiquity, Underminr, CISOs, GitHub, Josh Marpet... - SWN #583
Zscaler acquires Symmetry Systems to enhance AI security
The acquisition of Symmetry Systems is expected to bolster Zscaler's cybersecurity offerings, particularly in protecting artificial intelligence applications.
Belarus-linked Ghostwriter group targets Ukraine using Prometheus learning platform lures
Ghostwriter, also known as UAC-0057 and UNC1151, employs a multi-stage attack.
Middle East malicious infrastructure report highlights concentration of C2 servers
The Hunt.io report identified over 1,350 C2 servers across 98 providers in 14 Middle Eastern countries.
Former executives plead guilty in global tech support fraud scheme
Former CEO Adam Young and former CSO Harrison Gevirtz admitted to a misprision of a felony charge. They operated C.
Dutch authorities arrest two in connection with sanctioned web hosting company
The Dutch financial crime investigators (FIOD) arrested a 57-year-old company director and a 39-year-old who headed a separate firm providing internet connec...
You can now nominate vulnerabilities for CISA’s KEV with this form
CISA seeks to engage the wider community to more quickly identify active exploitation.
Trump Mobile confirms exposure of customer data
Chris Walker, a spokesperson for Trump Mobile, stated that the company is investigating the exposure and has not found evidence of financial information bein...
CISA adds Trend Micro Apex One and Langflow flaws to exploited vulnerabilities catalog
The vulnerabilities added are CVE-2025-34291, an origin validation error in Langflow with a CVSS score of 9.4, and CVE-2026-34926, a directory traversal flaw...
Cisco patches critical 10.0 flaw in Secure Workload APIs
Cisco patches critical 10.0 API flaw in Secure Workload platform.
Facebook scam targets users over 40 with fake Aldi meat box offers
Malwarebytes has identified a phishing scheme circulating on Facebook that preys on individuals aged 40 and above.
State officials urge Congress to reauthorize cybersecurity grant program
State officials emphasized that the State and Local Cybersecurity Grant Program (SLCGP) provided essential aid to local governments, many of which lack dedic...
7 identity security best practice for the Agentic AI era
Here’s how to harden the teams identity security to defend against the rising tide of AI agents.
Trapdoor ad fraud campaign used hundreds of Android apps
The Trapdoor campaign initially distributed seemingly legitimate utility apps, such as PDF readers, through the Google Play Store.
‘Underminr’ exploitation poses similar risks to domain fronting, researchers say
ADAMnetworks estimates about 42% of domains could be abused using the technique.
Wahlap data leak exposes 18.9 million records from WeChat mini-program ecosystem
Security researchers discovered an open Elasticsearch instance belonging to Wahlap, a prominent arcade game manufacturer that collaborates with industry gian...