Cybersecurity

Google says the group behind last year’s Snowflake attack slurped data from one of its Salesforce instances

ShinyHunters suspected in rash of intrusions Google confirmed that criminals breached one of its Salesforce databases and stole info belonging to some of its small-and-medium-business customers.…

Vibe coding tool Cursor’s MCP implementation allows persistent code execution

More evidence that AI expands the attack surface Check Point researchers uncovered a remote code execution bug in popular vibe-coding AI tool Cursor that could allow an attacker to poison developer environments by secretly modifying a previously approved Model Context Protocol (MCP) configuration, silently swapping it for a…

Patch now: Millions of Dell PCs with Broadcom chips vulnerable to attack

Psst, wanna steal someone's biometrics? black hat  Critical security flaws in Broadcom chips used in more than 100 models of Dell computers could allow attackers to take over tens of millions of users' devices, steal passwords, and access sensitive data, including fingerprint information, according to Cisco Talos.…

Study finds humans not completely useless at malware detection

Some pinpointed software nasties but were suspicious of printer drivers too Researchers from the Universities of Guelph and Waterloo have discovered exactly how users decide whether an application is legitimate or malware before installing it – and the good news is they're better than you might expect, at…

Chained bugs in Nvidia’s Triton Inference Server lead to full system compromise

Wiz Research details flaws in Python backend that expose AI models and enable remote code execution Security researchers have lifted the lid on a chain of high-severity vulnerabilities that could lead to remote code execution (RCE) on Nvidia's Triton Inference Server.…

Hacker summer camp: What to expect from BSides, Black Hat, and DEF CON

These are the conference events to keep an eye on. You can even stream a few The security industry is hitting Vegas hard this week with three conferences in Sin City that bring the world's largest collection of security pros together for the annual summer camp.…

Antivirus vendors fail to spot persistent, nasty, stealthy Linux backdoor

'Plague' malware has been around for months without tripping alarms Updated  Researchers at German infosec services company Nextron Threat have spotted malware that creates a highly-persistent Linux backdoor and said that antivirus engines did not initially flag the code as malicious.…

SonicWall investigates ‘cyber incidents,’ including ransomware targeting suspected 0-day

Bypassing MFA and deploying ransomware…sounds like something that rhymes with 'schmero-day' SonicWall on Monday confirmed that it's investigating a rash of ransomware activity targeting its firewall devices, following multiple reports of a zero-day bug under active exploit in its VPNs.…

Mozilla flags phishing wave aimed at hijacking trusted Firefox add-ons

Devs told to exercise 'extreme caution' with emails disguised as account update prompts Mozilla is warning of an ongoing phishing campaign targeting developers of Firefox add-ons.…

German phone repair biz collapses following 2023 ransomware attack

Founder miffed over prosecutors holding onto its Bitcoin The founder of a German mobile phone repair and insurance biz has begun insolvency proceedings for some operations in his company after struggling financially following a costly ransomware attack in 2023.…

Copyright © 2026 Lugapel