Tag

Cybersecurity

All articles tagged with #cybersecurity

Unauthenticated WordPress core flaw forces urgent updates across 6.9/7.0 lines
cybersecurity4 hours ago

Unauthenticated WordPress core flaw forces urgent updates across 6.9/7.0 lines

An anonymous HTTP request can trigger remote code execution in WordPress core on affected 6.9.x and 7.0.x releases via the REST batch endpoint. WordPress patched 6.9.5 and 7.0.2 on July 17, 2026, after auto-updates began rolling out, but some sites may still be vulnerable if they didn’t receive the update. Mitigations before updating include blocking the batch endpoints at /wp-json/batch/v1 and rest_route=/batch/v1, disabling the REST API, or using a drop-in to filter anonymous batch requests. There is no CVE yet, and a tester at wp2shell.com lets site owners check exposure. The exact number of affected sites is unclear, though the vulnerable window covers recent WordPress releases only.

MSG’s Secret VIP Database and the Data Breach That Exposed It
technology6 hours ago

MSG’s Secret VIP Database and the Data Breach That Exposed It

A WIRED investigation reveals Madison Square Garden maintained a VIP 'talent' database that labeled hundreds of celebrities by risk and even tagged LGBTQIA attendees, while a separate Salesforce database left more than 10 million records exposed in a ShinyHunters hack; attackers used vishing to breach MSG’s security, exposing emails, phone numbers and birth dates and prompting lawsuits and scrutiny over the venue’s surveillance and data-retention practices.

ClickLock macOS infostealer forces a 210ms app-kill loop until password is entered
security20 hours ago

ClickLock macOS infostealer forces a 210ms app-kill loop until password is entered

A new macOS infostealer named ClickLock pastes a command into Terminal, shows a fake system dialog, and—if the user cancels—installs LaunchAgents and starts relentless app-kill loops (every 210 ms) that disrupt Finder, Dock, SystemUIServer, NotificationCenter, and more for up to days until a password is typed. The captured credentials unlock Keychain, Chrome’s Safe Storage key, browser data, wallets, and other secrets, exfiltrated via three compromised domains and Telegram bots without a dedicated C2. Targets span at least 100 victims across 33 countries. Researchers urge revoking sessions, changing all credentials, and recovering in Safe Mode; Apple has started blocking some paste-based deliveries, but attackers continue to adapt.

Zoom warns of critical Windows flaw that could let attackers take over accounts
technology1 day ago

Zoom warns of critical Windows flaw that could let attackers take over accounts

Zoom is warning about a critical, unauthenticated vulnerability in its Windows desktop client, Windows VDI client, and Meeting SDK (CVE-2026-53412, severity 9.8/10) that could enable account takeover over the network. Affected products include Zoom Workplace for Windows before 7.0.0, VDI Client before 7.0.10/6.6.15/6.5.18, and Meeting SDK before 7.0.0. Users should install the latest updates, which also fix several other high-severity flaws, though there are currently no known active exploitations.

Major updates patch critical flaws across Firefox, Chrome, Adobe apps, and VMware
technology2 days ago

Major updates patch critical flaws across Firefox, Chrome, Adobe apps, and VMware

Mozilla patched two critical Firefox flaws (CVE-2026-15718/15719) with exploit code public; Google Chrome fixed 15 bugs including two critical Ozone use-after-free issues (CVE-2026-15764/15765). Adobe released security updates addressing 88 vulnerabilities across ColdFusion, Commerce/Magento, Experience Manager, and Illustrator (with several high-severity CVEs). Broadcom also fixed a critical authentication-bypass in VMware Avi Load Balancer (CVE-2026-47865). None are listed as actively exploited yet, but updates are advised as attackers often weaponize these flaws.

White House launches AI cybersecurity clearinghouse to coordinate critical infrastructure defenses
technology2 days ago

White House launches AI cybersecurity clearinghouse to coordinate critical infrastructure defenses

The White House is launching Gold Eagle, a cross‑agency AI cybersecurity clearinghouse to coordinate defenses for critical infrastructure, with industry and open‑source partners; it follows an executive order requiring pre‑release reviews of advanced AI models and aims to deconflict vulnerability work and accelerate fixes.

Old Microsoft-Signed UEFI Shims Pose Secure Boot Bypass Risk
technology2 days ago

Old Microsoft-Signed UEFI Shims Pose Secure Boot Bypass Risk

Security researchers warn that 11 older, Microsoft-signed UEFI shim bootloaders remain trusted and can be exploited to bypass Secure Boot during boot, enabling bootkits and persistence even on patched systems. The attack leverages legacy certificates (Microsoft UEFI CA 2011), MOK allowlists and SBAT revocation gaps to load vulnerable binaries before the OS initializes. CVEs CVE-2026-8863 and CVE-2026-10797 are involved; Microsoft revoked affected shims in June 2026, but risk persists if these components are not explicitly revoked by hash, creating a long-term supply-chain exposure across multiple vendors (e.g., Red Hat, SUSE, Oracle Linux).

Actively Exploited SharePoint Flaws Prompt Urgent Patch Alert
technology2 days ago

Actively Exploited SharePoint Flaws Prompt Urgent Patch Alert

CISA warns that three on‑premises SharePoint Server flaws (CVE-2026-32201, CVE-2026-45659, CVE-2026-56164) are being actively exploited to bypass authentication and run remote code, with attackers targeting unpatched systems. Microsoft also patched CVE-2026-55040 and CVE-2026-58644. Shadowserver reports thousands of exposed SharePoint servers, prompting urgent patching, hardened logging, AMSI/Defender integration, and limiting internet exposure. Federal agencies have a July 17 deadline under BOD 26-04 to patch CVE-2026-56164. Since 2021, CISA has flagged 11 exploited Microsoft SharePoint vulnerabilities (7 linked to ransomware).

IBM Slumps on Q2 Warning as AI Budget Shifts Reshape Enterprise Tech
business2 days ago

IBM Slumps on Q2 Warning as AI Budget Shifts Reshape Enterprise Tech

IBM shares tumbled after a preliminary Q2 warning that demand for its software and infrastructure offerings is waning as clients redirect IT budgets toward AI hardware, marking the stock’s worst day in 115 years. The broader market edged higher while investors rotated into cybersecurity and AI hardware names in anticipation of IBM’s July 22 results.

Pentagon Pauses CMMC Phase 2 to Reassess Costs and Contractor Capacity
technology2 days ago

Pentagon Pauses CMMC Phase 2 to Reassess Costs and Contractor Capacity

The Pentagon has frozen the planned Phase 2 rollout of the Cybersecurity Maturity Model Certification (CMMC), forming a cross‑department Reform Task Force and issuing an RFI to gather feedback as it reviews the program. The halt aims to prevent driving many small and mid‑sized defense vendors out of the defense industrial base, citing costs (SBA data suggesting potential multi‑billion‑dollar annual expenses) and a shortage of assessors (roughly 100 for more than 100,000 DIB companies). Until the review concludes (within about 60 days), enforcement will rely on self‑assessments under NIST 800‑171, with the possibility of further changes, including potential cancellation of CMMC after the pause.

cybersecurity2 days ago

Gold Eagle Initiative Creates AI Patch Clearinghouse for Cybersecurity

The White House launched the Gold Eagle AI cybersecurity clearinghouse to help federal agencies, critical infrastructure operators, and AI developers identify and patch software vulnerabilities uncovered by advanced AI models, in line with a June executive order on AI security. The multi‑sector effort will involve industry partners and open‑source developers, use frontier models like Mythos, and serves as the administration’s first major test of voluntary AI-security directives.

security3 days ago

CISA Warns of Active SharePoint Exploits, Urges Immediate Hardening

CISA warns of active exploitation of three on-premises SharePoint vulnerabilities (CVE-2026-32201, CVE-2026-45659, CVE-2026-56164) that enable remote code execution and post-exploitation activity such as stealing IIS machine keys; two additional CVEs (CVE-2026-55040 and CVE-2026-58644) are also identified as potential risks if not patched. To mitigate, organizations should apply the latest Microsoft patches, verify installation completion, and shorten patching cycles where possible; ensure AMSI integration is enabled for all SharePoint web apps and follow Microsoft guidance for AMSI configuration. Use the provided AMSI and MDAV detections as part of incident response and hardening: hunt for intrusion artifacts before rotating IIS keys, implement enhanced logging and telemetry to detect anomalies, and limit internet exposure by placing SharePoint behind a Layer 7 proxy and restricting Central Administration access. Review Microsoft’s security guidance and report incidents to CISA as needed. These CVEs have been added to the Known Exploited Vulnerabilities (KEV) catalog.

iOS 26.6 Adds Malicious Message Warnings in Beta
technology3 days ago

iOS 26.6 Adds Malicious Message Warnings in Beta

Apple's iOS 26.6 beta adds a 'Malicious Message Detected' alert that warns if an iMessage could harm your iPhone or privacy; users can share the message with Apple for investigation, with options to Not Now, Share With Apple, and Don't Report, though Not Now may cause the alert to reappear later. The feature is confirmed in beta code but not yet seen in the wild, and it aims to combat phishing and exploits in Messages alongside other security measures; a public release is expected around the end of July.

IBM stock dives after surprise Q2 warning tied to mainframe delays
business3 days ago

IBM stock dives after surprise Q2 warning tied to mainframe delays

IBM warned of weaker Q2 results: sales of about $17.2 billion versus estimates of $17.85 billion and non-GAAP EPS of $2.93 vs. $3.02, blaming delays in the z17 mainframe launch, shortfalls in the software stack, and a client capex shift toward servers and storage amid supply constraints and cybersecurity concerns. The warning sent IBM shares down roughly 23–24% in premarket trading, marking one of its sharpest one-day declines in decades.

Russia-backed hackers weaponize home routers, US issues router-security advisory
technology3 days ago

Russia-backed hackers weaponize home routers, US issues router-security advisory

The US government warns that Russia-state hackers are compromising home and small-office routers to conceal attacks on critical infrastructure, exploiting weak SNMP configurations and default credentials to turn devices into exit nodes; the advisory urges disabling SNMP versions 1 and 2 (or SNMP entirely), using SNMPv3 if needed, disabling Cisco Smart Install, and maintaining strong passwords along with regular firmware updates to reduce risk.