EvilTokens abuses Microsoft device code flow for account takeovers
A new phishing-as-a-service (PhaaS) campaign is abusing Microsoft’s device code authentication flow to gain unauthorized access to user accounts. Sekoia...
Siemens SICAM 8 Products
View CSAF
Summary
Multiple SICAM 8 products are affected by multiple vulnerabilities that could lead to denial of service, namely: - SICAM A8000 Device firmware -...
Yokogawa CENTUM VP
View CSAF
Summary
Successful exploitation of this vulnerability could allow an attacker to login as the PROG user and modify permissions.
The following versions of Yokogawa CENTUM...
Hitachi Energy Ellipse
View CSAF
Summary
Hitachi Energy is aware of a Jasper Report vulnerability that affects the Ellipse product versions mentioned in this document below. This vulnerability can...
How ‘Wikipedia of cyber’ helps SAP make sense of threat data
SAP runs enormous cloud environments for some of the world’s most heavily-regulated organisations, and in the hyperscale era, data security and compliance were becoming...
What’s driving Oracle’s latest job cuts?
Thousands of job losses have been reported, affecting many roles at Oracle Cloud Infrastructure including software engineering and product compliance - Read more
The AI Security Compliance Gap: Fighting Polymorphic Phishing While Staying Regulatory Ready
As cyber threats evolve, organisations face a growing dilemma: how to defend against increasingly sophisticated phishing attacks while staying compliant with expanding data protection...
Latin America and the Caribbean Cybercrime Landscape
Executive Summary This report provides an overview of trends and developments in the cybercriminal ecosystem of Latin America and the Caribbean (LAC) in...
Iran Threatens to Attack Apple, Google, and Other US Tech Firms in Middle East
Iran has threatened multiple US tech giants in the Middle East, escalating tensions and raising fears of AI-driven warfare turning physical.
The post Iran Threatens...
New Venom Stealer MaaS Platform Automates Continuous Data Theft
Venom Stealer malware-as-a-service automates ClickFix social engineering, credential and crypto exfiltration - Read more
Latest article
Criminal IP at Infosecurity Europe 2026: Introducing AITEM, the Next Chapter of Attack Surface...
Torrance, United States / California, June 11th, 2026, CyberNewswire Criminal IP by AI SPERA, a cyber threat intelligence platform delivering decision-ready intelligence and attack...
Readers reply: Experts say we should use passkeys, but can a smartphone pin really...
The long-running series in which readers answer other readers’ questions on subjects ranging from trivial flights of fancy to profound scientific and philosophical conceptsThis...
CVE-2023-5678 Excessive time spent in DH check / generation with large Q parameter value
Information published. - Read more
Weekly Metasploit Update: New Kerberos/Certificate tracing options, and multiple new modules
New Tracing OptionsAs hard as we try to ensure that Metasploit is bug free, issues inevitably come up. Whether you’re running a module on...
