Tag: software
-
CISA gives federal agencies one year to rip out endlife devices
The U.S. cyber defense agency issued an operational directive on Thursday mandating federal agencies to “remove any hardware and software devices that is no longer supported by its original equipment manufacturer.” First seen on therecord.media Jump to article: therecord.media/cisa-gives-federal-agencies-one-year-end-of-life-devices
-
Attackers Use Legitimate Forensic Driver to Disable Endpoint Security, Huntress Warns
Tags: attack, cybercrime, endpoint, incident response, malicious, software, threat, tool, vulnerabilityCybercriminals are increasingly turning trusted software against defenders, according to new research from Huntress, which has uncovered a real-world attack in which threat actors used a legitimate but vulnerable driver to disable endpoint security tools before deploying further malicious activity. In a detailed incident response analysis, Huntress researchers observed attackers abusing an outdated EnCase forensic…
-
AI and Regulation Redefine Application Security, New Global Study Finds
Artificial intelligence has overtaken all other forces shaping application security, according to a major new industry study that shows organisations racing to secure AI-generated code while responding to growing regulatory pressure. The 16th edition of the Building Security In Maturity Model (BSIMM), released by Black Duck, analysed real-world software security practices across 111 organisations worldwide,…
-
Ohne Google oder Microsoft arbeiten: Eine Woche nur mit europäischer Software
First seen on t3n.de Jump to article: t3n.de/news/ohne-google-oder-microsoft-arbeiten-eine-woche-nur-mit-europaeischer-software-1728129/
-
Veeam ernennt Armin Müller zum Regional Vice President for Central Europe und beschleunigt damit das Wachstum von Data-Resilience und Channel
Veeam Software hat die Ernennung von Armin Müller zum Regional Vice President für Mitteleuropa bekannt gegeben. Mit mehr als 30 Jahren Erfahrung in den Bereichen Unternehmenssoftware, Cloud und Channel-Leadership wird Armin Müller die Geschäfte von Veeam in Zentraleuropa leiten und Unternehmen dabei helfen, robusten Datenschutz, Sicherheit und Business-Continuity zu erreichen. Bevor er zu Veeam […]…
-
Amaranth-Dragon Zielgerichtete Cyberspionage gegen Behörden in Südostasien
Check Point Software Technologies hat über die Sicherheitsforscher von Check Point Research (CPR) hochgradig zielgerichtete Cyberspionagekampagnen aufgedeckt. Sie richteten sich im Jahr 2025 gegen Regierungs- und Strafverfolgungsbehörden in der ASEAN-Region. Die Aktivitäten werden einem bislang öffentlich nicht dokumentierten Bedrohungsakteur namens ‘Amaranth-Dragon” zugeschrieben, der eng mit dem chinesisch zugeordneten APT-41-Ökosystem verbunden ist. Die wichtigsten Ergebnisse im…
-
Microsoft develops a new scanner to detect hidden backdoors in LLMs
Effectiveness of the scanner: Microsoft said the scanner does not require retraining models or prior knowledge of backdoor behavior and operates using forward passes only, avoiding gradient calculations or backpropagation to keep computing costs low.The company also said it works with most causal, GPT-style language models and can be used across a wide range of…
-
Threat Actors Exploiting NGINX Servers to Redirect Web Traffic to Malicious Sites
A new cyber campaign where attackers are hijacking web servers to redirect visitors to malicious websites . The campaign targets NGINX, a popular web server software, and specifically focuses on servers using the Baota (BT) management panel. The attackers, linked to previous >>React2Shell<< activity, modify the server's configuration files to secretly intercept traffic . How…
-
WatchGuard VPN Client Flaw on Windows Enables SYSTEM”‘Level Command Execution
WatchGuard has released a critical security update for its Mobile VPN with IPSec client for Windows to address a privilege escalation vulnerability. The flaw, originating in the underlying software provided by NCP engineering, allows local attackers to execute arbitrary commands with the highest available privileges on a compromised machine. The vulnerability is tracked as NCPVE-2025-0626 (WatchGuard Advisory…
-
OpenClaw or Open Door? Prompt Injection Creates AI Backdoors
Zenity researchers show how indirect prompt injection can turn OpenClaw into a persistent AI backdoor without exploiting a software flaw. First seen on esecurityplanet.com Jump to article: www.esecurityplanet.com/threats/openclaw-or-open-door-prompt-injection-creates-ai-backdoors/
-
The BSIMM16 report: What today’s software security programs are really doing”, and why it matters
Discover how BSIMM16 software security assessment helps enterprises benchmark their security programs, achieve compliance, and reduce risk. Get the industry’s leading observational security maturity model. Download now. The post The BSIMM16 report: What today’s software security programs are really doing”, and why it matters appeared first on Blog. First seen on securityboulevard.com Jump to article:…
-
EDR killer tool uses signed kernel driver from forensic software
Hackers are abusing a legitimate but long-revoked EnCase kernel driver in an EDR killer that can detect 59 security tools in attempts to deactivate them. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/edr-killer-tool-uses-signed-kernel-driver-from-forensic-software/
-
PhantomVAI Custom Loader Abuses RunPE Utility to Launch Stealthy Attacks on Users
A new threat called PhantomVAI, a custom >>loader<>RunPE<<. This loader […] The post PhantomVAI Custom Loader Abuses RunPE Utility to Launch Stealthy Attacks on Users appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform. First seen on gbhackers.com Jump to article: gbhackers.com/phantomvai-custom-loader/
-
3 Security-Trends in der Finanzbranche
Die Finanzbranche verzeichnete im Jahr 2025 einen beispiellosen Anstieg von Cybervorfällen. Nach Angaben von Check Point Software haben sich die Angriffe mit einem Anstieg von 864 im Jahr 2024 auf 1.858 im Jahr 2025 mehr als verdoppelt. Diese Beschleunigung spiegelt eine dramatische Veränderung im Verhalten der Angreifer wider, die von ideologisch motivierten Sabotagen bis hin…
-
One Identity Appoints Gihan Munasinghe as Chief Technology Officer
Alisa Viejo, United States, February 4th, 2026, CyberNewsWire One Identity, a leader in unified identity security, today announced the appointment of Gihan Munasinghe as Chief Technology Officer. Munasinghe brings more than 15 years of experience leading global engineering organizations and delivering large-scale, customer-centric software platforms. In this role, he will lead the engineering organization and set…
-
Threat Actors Conduct Widespread Scanning for Exposed Citrix NetScaler Login Pages
A coordinated reconnaissance campaign targeting Citrix ADC (NetScaler) Gateway infrastructure worldwide. The operation used over 63,000 residential proxy IPs and AWS cloud infrastructure to map login panels and enumerate software versions, a clear indicator of pre-exploitation preparation. The scanning activity generated 111,834 sessions from more than 63,000 unique IP addresses, with 79% of traffic specifically…
-
ValleyRAT Masquerades as LINE Installer to Target Users and Harvest Login Credentials
A malware campaign where cybercriminals distribute a fake LINE messenger installer that secretly deploys the ValleyRAT malware to steal credentials and evade detection. Since early 2025, threat actors have increasingly used fraudulent software installers to deliver malware. This campaign shares techniques with previously discovered LetsVPN-themed attacks, including task-scheduler persistence, PowerShell-based evasion, and C2 communications via Hong Kong servers. Cybereason GSOC performed…
-
Foxit Releases Security Updates for PDF Editor Cloud XSS Vulnerabilities
Foxit Software has released security updates addressing multiple cross-site scripting (XSS) vulnerabilities affecting Foxit PDF Editor Cloud and Foxit eSign, closing gaps that could have allowed attackers to execute arbitrary JavaScript within a user’s browser. The patches were issued as part of Foxit’s ongoing security and stability improvements, with the most recent update for Foxit PDF Editor Cloud released…
-
How Secure by Design helps developers build secure software
Security isn’t just a feature, it’s a foundation. As cyber threats grow more sophisticated and regulations tighten, developers are being asked to do more than just write clean … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2026/02/04/cis-secure-software-design-guide/
-
Critical Django Flaw Allows DoS and SQL Injection Attacks
The Django Software Foundation has issued emergency security patches addressing six critical vulnerabilities affecting multiple versions of the popular Python web framework. Released on February 3, 2026, the updates fix severe flaws that could enable attackers to execute SQL injection attacks, cause denial-of-service conditions, and enumerate user accounts.”‹ Django is a widely used open-source Python…
-
Hackers Actively Exploit React Native Metro Server to Target Software Developers
Threat actors are exploiting a critical remote code execution vulnerability in React Native’s Metro development server to deploy sophisticated malware payloads targeting software developers worldwide. The vulnerability, tracked as CVE-2025-11953 and nicknamed >>Metro4Shell,<< allows unauthenticated attackers to execute arbitrary operating system commands on developer machines through a simple crafted HTTP request. Vulnerability Overview CVE-2025-11953 carries a critical…
-
RapidFort Lands $42M to Scale Software Supply Chain Security
San Francisco-Based Startup Eyes AI Adjacencies and Supply Chain Risk Reduction. Software supply chain security firm RapidFort has raised $42 million in Series A funding to expand sales operations and build out its platform. Founder and CEO Mehran Farimani says the company will focus on reducing developer lift while addressing emerging risks tied to AI-enabled…
-
Chinese Money Laundering Jargon via Google’s Gemini
After having a short discussion with Gemini about Chinese Money Laundering, I could tell we weren’t quite connecting on my Mandarin-assistance requests, so I shared an example post from a Telegram “Crime-as-a-Service” group that was part of a Chinese Guarantee Syndicate. For context, these posts were made in the Tudou Guarantee Syndicate’s group dedicated to…
-
DataDome Integrates Bot Protection with Varnish Software’s New Sovereign CDN
DataDome’s AI-powered bot protection now integrates with Varnish CDN’s European infrastructure”, delivering real-time security and full data sovereignty. First seen on securityboulevard.com Jump to article: securityboulevard.com/2026/02/datadome-integrates-bot-protection-with-varnish-softwares-new-sovereign-cdn/
-
White House Nixes Biden-Era Software Security Rules
Analysts Warn of Patchwork Federal Assurance Standards After Rollback. The White House rescinded two key software security policies requiring vendors to attest to secure development practices, citing excessive compliance burdens – but analysts warn the move risks weakening federal software assurance without strong, agency-level replacements. First seen on govinfosecurity.com Jump to article: www.govinfosecurity.com/white-house-nixes-biden-era-software-security-rules-a-30670
-
NDSS 2025 BinEnhance
Tags: china, conference, data, detection, framework, Internet, network, software, technology, vulnerabilitySession 11B: Binary Analysis Authors, Creators & Presenters: Yongpan Wang (Institute of Information Engineering Chinese Academy of Sciences & University of Chinese Academy of Sciences, China), Hong Li (Institute of Information Engineering Chinese Academy of Sciences & University of Chinese Academy of Sciences, China), Xiaojie Zhu (King Abdullah University of Science and Technology, Thuwal, Saudi…
-
ASUS Discontinues “File Shredder” Feature to Patch Critical Vulnerability
ASUS has discontinued the File Shredder feature in its Business Manager software following the discovery of a critical security vulnerability, CVE-2025-13348. The company issued a security bulletin on February 2, 2026, addressing a flaw affecting ASUS Business Manager version 3.0.36.0 and earlier releases. Rather than patching the vulnerability through conventional updates, ASUS opted to remove…
-
GlassWorm Malware Returns to Shatter Developer Ecosystems
The self-replicating malware has poisoned a fresh set of Open VSX software components, leaving potential downstream victims with infostealer infections. First seen on darkreading.com Jump to article: www.darkreading.com/application-security/glassworm-malware-developer-ecosystems

