Archives: News

A new study by Forescout – Vedere Labs, published on June 5, identified exposed management interfaces in nearly 35,000 solar photovoltaic systems from 42 vendors worldwide.Forescout is a cybersecurity company that specializes in network, endpoint, and IoT security. In collaboration with Vedere Labs, they conducted research and discovered 46 vulnerabilities in solar power devices exposed to the internet. These vulnerabilities could allow hackers to hijack the systems, steal data, disrupt grid stability, cause blackouts, or use these devices ...

The security firm C/side discovered a cybersecurity flaw where attackers use Google’s OAuth logout URL to inject malware.This weaponization of Google OAuth is a new cybersecurity danger that is not only difficult for users to detect but also a challenge for security tools to spot – making this a critical security weakness.

Apple released a major update for iOS 26 that provides an import/export feature for passwords, 2FA authentication codes, and even passkeys across different operating systems.The new feature is compatible with third-party apps and is certified by the FIDO Alliance, suspending the need to use insecure methods for sharing credentials between Apple and other operating systems.

According to a Bitsight research, private webcam feeds are being exposed online, without their owners’ knowledge.The cameras include security cameras and baby monitors, accessible via a browser and a valid IP address. The camera feeds, traded in dark web forums, include innocent and sensitive content.

According to a new study published on Aging (Aging-US), older people who lose weight unintentionally are more prone to suffer a fall than those who don’t.The research, led by Ya-Mei Tzeng in Taiwan, analyzed the data from 375 older adults participating in a fall prevention program and concluded that accurate predictions of fall risk might require looking into individual frailty traits rather than broad frailty labels.

According to SK Telecom, over 9.32 gigabytes of USIM data have been compromised after a malware attack that remained unnoticed for almost three years.It’s reported that the attack lasted from June 15 2022 to April 22 2025, and targeted over 20 South Korean Telecom servers, affecting around 25 million customers. The telecommunications company has addressed the issue by employing cyber-response measures that include removing malware and compartmentalizing online infrastructure.

In May 2025, the unified platform for identity, access, and devices, JumpCloud, acquired VaultOne – a company that develops zero-trust privileged access management (PAM) solutions.VaultOne has been providing security services for a wide range of key assets, including SaaS applications, databases, and cloud infrastructure, since 2017.

A recent investigation by the cybersecurity platform Rapid7 uncovered a sophisticated cyberattack campaign that uses fake installers to inject Winos 4.0 malware into users’ devices.According to Rapid7’s researchers “Catena uses embedded shellcode and configuration switching logic to stage payloads like Winos 4.0 entirely in memory, evading traditional antivirus tools”. They stated that “...

A recent report, published by Kaspersky, found that between Q2 2024 and Q1 2025, hackers carried out over 250,000 cyberattacks by disguising malware files as popular anime titles.The report says bad actors used keywords like “exclusive episodes” and “premium access” to mislead users into downloading infected files. The anime titles used as bait were primarily Attack on Titan, Naruto, and Demon Slayer.

In May 2025, cybersecurity expert, Jeremiah Fowler, identified an unprotected database that contained over 184 million login and password credentials for popular platforms like Facebook, Google, and Microsoft.The database was unencrypted and unprotected, comprising 47.42 GB of raw plain-text data, translating into 184,162,718 credentials. According to Fowler, this data was likely extracted via an infostealer malware attack.The database showing entries from Facebook, ...