Security news.
Today's cybersecurity landscape highlights critical patches and active exploitation alongside emerging threats to AI systems and IoT devices. CISA has issued urgent directives for federal agencies to address actively exploited vulnerabilities, while new macOS malware and AI-driven attack vectors demonstrate the evolving methods of cybercriminals.
CISA Orders Feds to Patch Actively Exploited Oracle Flaw by Saturday
CISA has mandated federal agencies to patch a critical, actively exploited vulnerability in Oracle E-Business Suite financial applications by Saturday to prevent ongoing attacks.
‘ClickLock Stealer’ Bypasses macOS Security With Social Engineering, Process Killing
A new macOS malware, "ClickLock Stealer," has targeted at least 100 users by using social engineering and process termination to steal passwords and cryptocurrency.
20+ Hijacked Government Websites Became an Attack Channel
More than 20 Brazilian government websites were compromised and used as malware delivery channels in an active PhantomEnigma campaign, revealing new backdoor behaviors and attack infrastructure.
New Agent Data Injection Attack Can Make AI Agents Misclick or Run Attacker Commands
Researchers have identified a new "agent data injection" attack where a single planted piece of information can cause AI agents to perform unintended actions, like making purchases or running arbitrary commands.
Splunk, Zoom Patch Critical Vulnerabilities
Splunk and Zoom have released patches for critical vulnerabilities that could allow attackers to access credentials, steal data, take over accounts, and escalate privileges.
Russian Hackers Trojanize WebEx, Zoom Apps to Push Starland Malware
A Russian threat actor (UAT-11795) is distributing the new Starland RAT by trojanizing legitimate WebEx and Zoom applications to steal credentials and cryptocurrency.
Unpatched Shark Vacuum Flaw Could Let Attackers Control Other Vacuums Region-Wide
An unpatched vulnerability in Shark RV2320EDUS robot vacuums could allow attackers to gain root access and control other devices in the same AWS region, potentially accessing cameras, maps, and Wi-Fi passwords.
Old UEFI Shims Expose Systems to Secure Boot Bypass
Vulnerable UEFI shim bootloaders, signed by Microsoft, could be exploited to bypass Secure Boot on any system, regardless of the operating system.