CISA warns of critical Linux Sudo flaw exploited in attacks

Hackers are actively exploiting a critical vulnerability (CVE-2025-32463) in the sudo package that enables the execution of ...
SecurityWeek

Salesforce AI Hack Enabled CRM Data Theft

Prompt injection has been leveraged alongside an expired domain to steal Salesforce data in an attack named ForcedLeak.
The Hacker News

Cisco ASA Firewall Zero-Day Exploits Deploy RayInitiator and LINE VIPER Malware

Cisco ASA zero-day attacks used RayInitiator bootkit and LINE VIPER malware to breach end-of-support firewalls.

Microsoft is still leaving Mac users exposed to GitHub Mac malware flood

For the last few years, Mac users are facing a wave of fake apps on Microsoft-owned GitHub that disguise themselves as popular software, only to trick victims into handing over their passwords.
The Hacker News

EvilAI Malware Masquerades as AI Tools to Infiltrate Global Organizations

The campaign has been codenamed EvilAI by Trend Micro, describing the attackers behind the operation as "highly capable" owing to their ability to blur the line between authentic and deceptive ...

Criminals are using AI-generated fake copyright violation threats to take over social media and websites - here's what you need to know

Cofense research sees cybercriminals spoof legal firms with AI tools, spreading malware that steals crypto and may evolve into ransomware.