Attention: You are using an outdated browser, device or you do not have the latest version of JavaScript downloaded and so this website may not work as expected. Please download the latest software or switch device to avoid further issues.

News > Attacks & Threats
page: 1 2
Foxconn Attack Highlights Manufacturing's Cyber Crisis

A Nitrogen ransomware attack on Foxconn's North American facilities is one of 600 hits on manufacturers this year, as gangs increasingly target the se… More...
'TrustFall' Convention Exposes Claude Code Execution Risk

Malicious repositories can trigger code execution in Claude Code, Cursor CLI, Gemini CLI, and CoPilot CLI with minimal or no user interaction, thanks … More...
Hackers Use AI for Exploit Development, Attack Automation

Cyber adversaries have long used AI, but now attackers are using large language models to develop exploits and orchestrate complex attacks. More...
Microsoft Edge Stores Passwords in Process Memory, Posing Enterprise Risk

A proof-of-concept exploit (PoC) shows how someone with admin privileges can exploit the issue to steal passwords, and thus use them to engage in furt… More...
If AI's So Smart, Why Does It Keep Deleting Production Databases?

The issue isn't artificial intelligence, but rather an industry adding AI agent integrations into production environments before proper security testi… More...
Bad Memories Still Haunt AI Agents

Cisco found and fixed a significant vulnerability in the way Anthropic handles memories, but experts warn that mishandled memory files will continue t… More...
Every Old Vulnerability Is Now an AI Vulnerability

AI's danger isn't that it's creating new bugs, it's that it's amplifying old ones. More...
Google Fixes Critical RCE Flaw in AI-Based 'Antigravity' Tool

The prompt-injection vulnerability in the agentic AI product for filesystem operations was a sanitization issue that allowed for sandbox escape and ar… More...
Grafana AI Bug Leaks Data With Zero-Click Exploit

Chained Bypasses Exfiltrate Data Via Hidden AI Prompts More...
Critical MCP Integration Flaw Puts NGINX at Risk

Attackers can abuse the near-maximum severity flaw in nginx-ui to restart, create, modify, and delete NGINX configuration files. More...
AI-Driven Pushpaganda Scam Exploits Google Discover to Spread Scareware and Ad Fraud

More...
CSA: CISOs Should Prepare for Post-Mythos Exploit Storm

In a new report from the Cloud Security Alliance (CSA), experts warn of an "AI vulnerability storm" triggered by the introduction of Anthropic's Claud… More...
Can Anthropic Keep Its Exploit-Writing AI Out of the Wrong Hands?

Its Mythos Preview model, which can allegedly find and exploit critical zero-days, also comes with certain controls, the vendor said. More...
Russian State-Linked APT28 Exploits SOHO Routers in Global DNS Hijacking Campaign

The Russia-linked threat actor known as APT28 (aka Forest Blizzard) has been linked to a new campaign that has compromised insecure MikroTik and TP-Li… More...
Storm-1175 Deploys Medusa Ransomware at 'High Velocity'

Microsoft says the financially motivated cybercrime group has exploited N-day and zero-day vulnerabilities in campaigns predicated on speed. More...
Claude Source Code Leak Highlights Big Supply Chain Missteps

Or, why the software supply chain should be treated as critical infrastructure with guardrails built in at every layer. More...
TeamPCP Breaches Cloud, SaaS Instances With Stolen Credentials

The threat group's shift to speedy attacks on AWS, Azure, and SaaS instances shows organizations need to respond quickly to compromised credentials. More...
Attackers Target Backup Storage to Force Ransom Payment

Object First's Cusimano on Why Backup Storage Is Now a Prime Ransomware Target More...
Critical Flaw in Langflow AI Platform Under Attack

Threats actors pounced on the code injection vulnerability within hours of its disclosure, demonstrating that organizations have little time to addres… More...
Attackers Hide Infostealer in Copyright Infringement Notices

More...
Hackers Target Cybersecurity Firm Outpost24 in 7-Stage Phish

In an unsuccessful phishing attack, threat actors leveraged trusted brands and domains to try to redirect a C-suite executive at Outpost24 to give up … More...

page: 1 2
image

Contact Us

Security Interest Group Switzerland
c/o Bridge Head AG
Sulzbergstrasse 34
5430 Wettingen
Switzerland

Quick Links

Terms
Contact Us
Privacy Policy
Newsletter

Follow Us

This website is powered by
ToucanTech