uz
Feedback
Vulnerability News

Vulnerability News

Kanalga Telegram’da o‘tish

Every day new posts about vulnerabilities and cybersecurity news. Get the latest news about the cyberspace! Group: @VulnerabilityNewsGroup

Ko'proq ko'rsatish
4 998
Obunachilar
+624 soatlar
+297 kunlar
+12230 kunlar
Postlar arxiv
Municipal Police Records From the French Town of Le Pontet Allegedly Leaked A threat actor using the alias ChimeraZ has posted what they title “the EPM of the Le Pontet city,” framing it as a database from a juvenile penitentiary for minors aged 13 to 17, and claiming 62,172 lines (about 8.4MB) in CSV format. https://darkwebinformer.com/municipal-police-records-from-the-french-town-of-le-pontet-allegedly-leaked/

French Tour Operator Pachatours Allegedly Breached, Passport, Payment and Credential Data Exposed A threat actor using the alias misere, crediting collaborators (ChimeraZ and NightBroker), has posted what they describe as a complete database breach of Pachatours (pachatours.fr / pachatours.pro), a French tour operator specializing in Hajj packages and Tunisian beach holidays. https://darkwebinformer.com/french-tour-operator-pachatours-allegedly-breached-passport-payment-and-credential-data-exposed/

Quantifind Raises $200 Million for AI-Native Risk Intelligence Quantifind will accelerate international expansion and extend its platform’s localized risk intelligence capabilities. The post Quantifind Raises $200 Million for AI-Native Risk Intelligence appeared first on SecurityWeek. https://www.securityweek.com/quantifind-raises-200-million-for-ai-native-risk-intelligence/

Critical SimpleHelp Vulnerability Exploited for Malware Delivery The threat actor is focused on collecting credentials, SSH keys, cryptocurrency wallets, and development tooling. The post Critical SimpleHelp Vulnerability Exploited for Malware Delivery appeared first on SecurityWeek. https://www.securityweek.com/critical-simplehelp-vulnerability-exploited-for-malware-delivery/

Nissan Employee Data Breached in Oracle PeopleSoft Hack Only a handful of the 100 organizations targeted in the PeopleSoft campaign have been confirmed. The post Nissan Employee Data Breached in Oracle PeopleSoft Hack appeared first on SecurityWeek. https://www.securityweek.com/nissan-employee-data-breached-in-oracle-peoplesoft-hack/

The AI Token Costs That Can Break Cybersecurity As cybersecurity platforms embrace agentic AI, organizations must balance detection performance against the escalating costs of token consumption, deployment architecture, and AI credits. The post The AI Token Costs That Can Break Cybersecurity appeared first on SecurityWeek. https://www.securityweek.com/the-ai-token-costs-that-can-break-cybersecurity/

Exploitation of Recent Oracle E-Business Suite Vulnerability Begins The critical-severity defect allows unauthenticated attackers to take over the E-Business Suite’s Payments product. The post Exploitation of Recent Oracle E-Business Suite Vulnerability Begins appeared first on SecurityWeek. https://www.securityweek.com/exploitation-of-recent-oracle-e-business-suite-vulnerability-begins/

Supreme Court Rules Constitutional Privacy Protections Apply to Cellphone Users’ Location History The ruling was made in the case of a bank robber whose identity was discovered through a geofence warrant. The post Supreme Court Rules Constitutional Privacy Protections Apply to Cellphone Users’ Location History appeared first on SecurityWeek. https://www.securityweek.com/supreme-court-rules-constitutional-privacy-protections-apply-to-cellphone-users-location-history/

Hacker Conversations: Chris Thompson, Former Head of IBM X-Force Red, Co-Founder of RemoteThreat Chris Thompson's journey took him from hacking game controls as a teenager to founding IBM’s X-Force Red team. The post Hacker Conversations: Chris Thompson, Former Head of IBM X-Force Red, Co-Founder of RemoteThreat appeared first on SecurityWeek. https://www.securityweek.com/hacker-conversations-chris-thompson-former-head-of-ibm-x-force-red-co-founder-of-remotethreat/

Aflac Japan Data Breach Impacts 4.38 Million Hackers accessed the insurance giant’s policyholder portal multiple times between June 15 and June 25. The post Aflac Japan Data Breach Impacts 4.38 Million appeared first on SecurityWeek. https://www.securityweek.com/aflac-japan-data-breach-impacts-4-38-million/

Decades-Old Bash Tricks Expose AI Coding Agents to Supply Chain Attacks Decades-old Bash shell tricks can bypass safeguards in most open source AI coding agents, potentially turning malicious repositories into supply chain attack vectors. The post Decades-Old Bash Tricks Expose AI Coding Agents to Supply Chain Attacks appeared first on SecurityWeek. https://www.securityweek.com/decades-old-bash-tricks-expose-ai-coding-agents-to-supply-chain-attacks/

BlueHammer Vulnerability Exploited in Ransomware Attacks The Microsoft Defender vulnerability CVE-2026-33825 was exploited in the wild as a zero-day before patches were released. The post BlueHammer Vulnerability Exploited in Ransomware Attacks appeared first on SecurityWeek. https://www.securityweek.com/bluehammer-vulnerability-exploited-in-ransomware-attacks/

CISA: Windows BlueHammer flaw now exploited by ransomware gangs CISA confirmed on Monday that ransomware gangs are now exploiting a Microsoft Defender privilege escalation vulnerability, dubbed BlueHammer, that has previously been abused in zero-day attacks. [...] https://www.bleepingcomputer.com/news/security/cisa-windows-bluehammer-flaw-now-exploited-by-ransomware-gangs/

Blackfield ransomware asks Nidec Corporation for $2 million ransom The Blackfield ransomware gang is asking for a $2 million ransom from Nidec Corporation, a large Japanese manufacturer of electronic components for automotive and computing applications. [...] https://www.bleepingcomputer.com/news/security/blackfield-ransomware-asks-nidec-corporation-for-2-million-ransom/

Kali Linux 2026.2 released with 9 new tools, NetHunter updates Kali Linux 2026.2, the second release of the year, is now available for download, featuring 9 new tools and numerous Kali NetHunter improvements. [...] https://www.bleepingcomputer.com/news/linux/kali-linux-20262-released-with-9-new-tools-nethunter-updates/

Microsoft adds smarter bot protection to Teams meetings Microsoft has introduced a new Teams admin policy that allows organizers to prevent third-party bots from joining meetings without approval. [...] https://www.bleepingcomputer.com/news/microsoft/microsoft-adds-smarter-bot-protection-to-teams-meetings/

Insurance giant Aflac discloses data breach after subsidiary hack American insurance giant Aflac has disclosed a new data breach after attackers breached its Japan subsidiary's systems and stole personal and bank account information. [...] https://www.bleepingcomputer.com/news/security/insurance-giant-aflac-discloses-data-breach-after-subsidiary-hack/

Lessons from the Underground: How to Combat Business Email Compromise Business Email Compromise is more than an email scam. It's a coordinated operation involving compromised accounts, financial research, and cash-out networks. Flare explores how underground forums reveal how BEC attacks are planned and executed. [...] https://www.bleepingcomputer.com/news/security/lessons-from-the-underground-how-to-combat-business-email-compromise/

Fake Perplexity extension on Chrome Web Store tracked searches A malicious extension in the Chrome Web Store is masquerading as the Perplexity AI answer engine, intercepting search traffic and collecting browsing information. [...] https://www.bleepingcomputer.com/news/security/fake-perplexity-extension-on-chrome-web-store-tracked-searches/

Malicious PyPI packages give hackers control of Telegram bot servers A campaign active since last November has been targeting Python developers building Telegram bots with trojanized Pyrogram forks that allow attackers to read arbitrary files on compromised servers. [...] https://www.bleepingcomputer.com/news/security/malicious-pypi-packages-give-hackers-control-of-telegram-bot-servers/