2025

CISA releases malware analysis for Sharepoint Server attack

Indications of compromise and Sigma rules report for your security scanners amid ongoing 'ToolShell' blitz CISA has published a malware analysis report with compromise indicators and Sigma rules for "ToolShell" attacks targeting specific Microsoft SharePoint Server versions.…

KLM, Air France latest major organizations looted for customer data

Watch out, the phishermen are about, customers told European airline giants Air France and KLM say they are the latest in a string of major organizations to have their customers' data stolen by way of a break-in at a third party org.…

Meta training AI on social media posts? Only 7% in Europe think it’s OK

Privacy campaigner Max Schrem's NOYB is back on Zuck's back Updated  Meta's enthusiasm for training its AI on user data is not shared by the users themselves – at least for some Europeans – according a study commissioned by Facebook legal nemesis Max Schrems and his privacy advocacy…

Google says the group behind last year’s Snowflake attack slurped data from one of its Salesforce instances

ShinyHunters suspected in rash of intrusions Google confirmed that criminals breached one of its Salesforce databases and stole info belonging to some of its small-and-medium-business customers.…

Vibe coding tool Cursor’s MCP implementation allows persistent code execution

More evidence that AI expands the attack surface Check Point researchers uncovered a remote code execution bug in popular vibe-coding AI tool Cursor that could allow an attacker to poison developer environments by secretly modifying a previously approved Model Context Protocol (MCP) configuration, silently swapping it for a…

Patch now: Millions of Dell PCs with Broadcom chips vulnerable to attack

Psst, wanna steal someone's biometrics? black hat  Critical security flaws in Broadcom chips used in more than 100 models of Dell computers could allow attackers to take over tens of millions of users' devices, steal passwords, and access sensitive data, including fingerprint information, according to Cisco Talos.…

Study finds humans not completely useless at malware detection

Some pinpointed software nasties but were suspicious of printer drivers too Researchers from the Universities of Guelph and Waterloo have discovered exactly how users decide whether an application is legitimate or malware before installing it – and the good news is they're better than you might expect, at…

Chained bugs in Nvidia’s Triton Inference Server lead to full system compromise

Wiz Research details flaws in Python backend that expose AI models and enable remote code execution Security researchers have lifted the lid on a chain of high-severity vulnerabilities that could lead to remote code execution (RCE) on Nvidia's Triton Inference Server.…

Hacker summer camp: What to expect from BSides, Black Hat, and DEF CON

These are the conference events to keep an eye on. You can even stream a few The security industry is hitting Vegas hard this week with three conferences in Sin City that bring the world's largest collection of security pros together for the annual summer camp.…

Antivirus vendors fail to spot persistent, nasty, stealthy Linux backdoor

'Plague' malware has been around for months without tripping alarms Updated  Researchers at German infosec services company Nextron Threat have spotted malware that creates a highly-persistent Linux backdoor and said that antivirus engines did not initially flag the code as malicious.…

Copyright © 2026 Lugapel