Cisco has removed a backdoor account from its Unified Communications Manager (Unified CM), which would have allowed remote attackers to log in to unpatched devices with root privileges. [...]
...moreSummary
Total Articles Found: 17
Top sources:
- Dark Reading 3
- The Register – Security 2
- Top posts on r/netsec 2
- Hackread – Latest Cybersecurity, Hacking News, Tech, AI & Crypto 2
- BleepingComputer 1
Top Keywords:
- Security: 3
- Cyber Attack: 2
- Cybersecurity: 2
- Cyber Attacks: 1
- Cyber Crime: 1
Top Authors
- Sergiu Gatlan: 1
- Thomas Claburn: 1
- tootac: 1
- Deeba Ahmed: 1
- Troy Hunt: 1
Top Articles:
- Cisco warns that Unified CM has hardcoded root SSH credentials
- Let's Encrypt rolls out free security certs for IP addresses
- Instagram uses expiring certificates as single day TLS certificates
- Norwegian Dam Valve Forced Open for Hours in Cyberattack
- Drug cartel hacked cameras and phones to spy on FBI and identify witnesses
- Welcoming Truyu to Have I Been Pwned's Partner Program
- Azure API vulnerability and built-in roles misconfiguration enable corporate network takeover
- We've All Been Wrong: Phishing Training Doesn't Work
- FileFix Attack Chain Enables Malicious Script Execution
- Verizon and T-Mobile Deny Data Breaches as Millions of User Records Sold Online
Cisco warns that Unified CM has hardcoded root SSH credentials
🤖: ""Root access alert!""
Let's Encrypt rolls out free security certs for IP addresses
Published: 2025-07-03 07:34:06
Popularity: 103
Author: Thomas Claburn
🤖: "SSL shields up"
You probably don't need one, but it's nice to have the option Let's Encrypt, a certificate authority (CA) known for its free TLS/SSL certificates, has begun issuing digital certificates for IP addresses.…
...moreInstagram uses expiring certificates as single day TLS certificates
Published: 2025-07-03 21:13:16
Popularity: 37
Author: tootac
🤖: "Expiration alert"
submitted by /u/tootac[link][comments]
...moreNorwegian Dam Valve Forced Open for Hours in Cyberattack
Published: 2025-06-30 09:42:46
Popularity: 33
Author: Deeba Ahmed
Keywords:
🤖: ""Valve blowout""
Unidentified hackers breached a Norwegian dam's control system in April, opening its valve for hours due to a weak password. Learn how simple vulnerabilities threaten critical infrastructure.
...moreDrug cartel hacked cameras and phones to spy on FBI and identify witnesses
🤖: ""Surveillance fail""
The “El Chapo” Mexican drug cartel snooped on FBI personnel through hacked cameras, and listened in on their phone calls to...
...moreWelcoming Truyu to Have I Been Pwned's Partner Program
🤖: "New partner alert"
Presently sponsored by: Report URI: Guarding you from rogue JavaScript! Don’t get pwned; get real-time alerts & prevent breaches #SecureYourSite I always used to joke that when people used Have I Been Pwned (HIBP), we effectively said "Oh no - you've been pwned! Uh, good luck!" and left it at that. That was fine when it was a pet project used by people who live in
...moreAzure API vulnerability and built-in roles misconfiguration enable corporate network takeover
Published: 2025-07-02 14:04:20
Popularity: 17
Author: Apprehensive-Side840
🤖: ""Network Takeover""
submitted by /u/Apprehensive-Side840[link][comments]
...moreWe've All Been Wrong: Phishing Training Doesn't Work
Published: 2025-07-01 18:54:56
Popularity: 14
Author: Nate Nelson, Contributing Writer
🤖: "Phish Fail"
Teaching employees to detect malicious emails isn't really having an impact. What other options do organizations have?
...moreFileFix Attack Chain Enables Malicious Script Execution
Published: 2025-07-02 13:00:00
Popularity: 14
Author: Kristina Beek
🤖: ""Script injection alert""
By using social engineering tactics, threat actors are able to manipulate their victims into saving and renaming files that will backfire against them.
...moreVerizon and T-Mobile Deny Data Breaches as Millions of User Records Sold Online
Published: 2025-07-02 11:03:12
Popularity: 11
Author: Waqas
Keywords:
🤖: ""Data Leak""
User claims to sell stolen Verizon and T-Mobile data for millions of users (online Verizon says data is old T-Mobile denies any breach and links to it.
...more23andMe's new owner says your DNA is safe this time
Published: 2025-07-02 17:32:06
Popularity: 10
Author: Connor Jones
🤖: "Don't worry, it's encrypted"
Nonprofit TTAM assures everything is BAU. Whether that makes customers feel better is another matter The medical research nonprofit vying to buy 23andMe is informing existing customers that it plans to complete the deal on July 8.…
...moreCISA Adds One Known Exploited Vulnerability to Catalog
Published: 2025-07-02 12:00:00
Popularity: 9
Author: CISA
🤖: "Exploit alert!"
CISA has added one new vulnerability to its Known Exploited Vulnerabilities (KEV) Catalog, based on evidence of active exploitation. CVE-2025-6554 Google Chromium V8 Type Confusion Vulnerability These types of vulnerabilities are frequent attack vectors for malicious cyber actors and pose significant risks to the federal enterprise. Binding Operational Directive (BOD) 22-01: Reducing the Significant Risk of Known Exploited Vulnerabilities established the KEV Catalog as a living list of known Common Vulnerabilities and Exposures (CVEs) that carry significant risk to the federal enterprise. BOD 22-01 requires Federal Civilian Executive Branch (FCEB) agencies to remediate identified vulnerabilities by the due date to protect FCEB networks against active threats. See the BOD 22-01 Fact Sheet for more information. Although BOD 22-01 only applies to FCEB agencies, CISA strongly urges all organizations to reduce their exposure to cyberattacks by prioritizing timely remediation of KEV Catalog vulnerabilities as part of their vulnerability management practice. CISA will continue to add vulnerabilities to the catalog that meet the specified criteria.
...more1 Year Later: Lessons Learned From the CrowdStrike Outage
Published: 2025-07-02 14:00:00
Popularity: 9
Author: Nadir Izrael
🤖: "Server Down"
The ever-growing volume of vulnerabilities and threats requires organizations to remain resilient and anti-fragile — that is, to be able to proactively respond to issues and continuously improve.
...moreArticle from search.app
Published: 2025-06-28 12:25:46
Popularity: None
Author: None
🤖: ""Search fail""
We couldn’t extract the content of this article. Here is the URL so you can access it:
https://search.app/r3mXT
Marketplace Takeover: How We Could’ve Taken Over Every Developer Using a VSCode Fork; Putting Millions at Risk
Published: 2025-07-01 02:50:24
Popularity: None
Author: Oren Yomtov
🤖: "VSCode takeover"
TL;DR: We discovered a critical vulnerability in open-vsx.org — the open-source VS Code extension marketplace used by over 8,000,000…
...moreC4 Bomb: Blowing Up Chrome’s AppBound Cookie Encryption
Published: 2025-07-01 02:48:39
Popularity: None
Author: Ari Novick
🤖: "Cookie explosion"
In July 2024, Google introduced a new feature to better protect cookies in Chrome: AppBound Cookie Encryption. This new feature was able to disrupt the world of infostealers, forcing the malware...
...moreCatwatchful - 61,641 breached accounts
Published: 2025-07-03 23:04:01
Popularity: None
Author: None
🤖: "Furry hack alert"
In June 2025, spyware maker Catwatchful suffered a data breach that exposed over 60k customer records. The breach was due to a SQL injection vulnerability that enabled email addresses and plain text passwords to be extracted from the system.
...more