Antivirus and Security news

Edge browser leaves passwords exposed in plain text, says researcher

A Norwegian researcher has identified an issue with Microsoft Edge’s Password Manager that could be a serious concern for businesses. Tom Jøran Sønstebyseter Rønning found that passwords are being saved within the browser in plain text, with the effect that any PC, particularly a shared machine, within an organization is a potential risk. In a […] more…

Ask Jeeves bites the dust

Ask Jeeves, the popular search engine where users could enter questions using natural language, launched on June 1, 1997. Nine years later, it was rebranded as Ask.com — and ever since, the number of users has declined with each passing year. On Friday, the service shut down for a good — a move made necessary […] more…

Apple can’t make chips fast enough, but that’s only part of the story

Apple has held “exploratory” talks about manufacturing processors for its devices in the US, Bloomberg reports. The move seems to reflect Apple’s need to secure additional chip supplies to meet growing demand for its products, but could also represent a contingency plan to reduce the company’s reliance on Taiwan Semiconductor Manufacturing Company (TSMC’s) advanced manufacturing facilities in Taiwan. I doubt […] more…

Microsoft Warns of Sophisticated Phishing Campaign Targeting US Organizations

The malicious emails claim to contain a conduct report and lure victims to a Microsoft phishing website that leverages AitM. The post Microsoft Warns of Sophisticated Phishing Campaign Targeting US Organizations appeared first on SecurityWeek. more…

Hacker Conversations: Joey Melo on Hacking AI

AI red team specialist details his methods for manipulating AI guardrails through jailbreaking and data poisoning, helping developers harden machine learning models. The post Hacker Conversations: Joey Melo on Hacking AI appeared first on SecurityWeek. more…

Critical Bug Could Expose 300,000 Ollama Deployments to Information Theft

Dubbed Bleeding Llama, the heap out-of-bounds read issue can be exploited remotely, without authentication. The post Critical Bug Could Expose 300,000 Ollama Deployments to Information Theft appeared first on SecurityWeek. more…

AI-led job cuts don’t always mean stronger ROI — Gartner

Businesses tend to eye AI spending as a way to reduce headcount, but firms that cut staffers as a result of AI are doing no better than those who don’t, according to new Gartner research. Gartner recently surveyed 350 global business leaders at large organizations already using AI agents and intelligent automation tools and found […] more…

Critical, High-Severity Vulnerabilities Patched in Apache MINA, HTTP Server

The most severe of these security defects could allow remote attackers to execute arbitrary code. The post Critical, High-Severity Vulnerabilities Patched in Apache MINA, HTTP Server appeared first on SecurityWeek. more…

Stealthy malware abuses Microsoft Phone Link to siphon SMS OTPs from enterprise PCs

A newly identified malware campaign is abusing Microsoft’s Phone Link feature to intercept SMS-based one-time passwords and other sensitive mobile data directly from Windows systems. The activity, first observed by Cisco Talos in January 2026, involves a remote access trojan dubbed CloudZ and a custom plugin named Pheno that together allow attackers to harvest credentials […] more…

Karakurt Ransomware Negotiator Sentenced to Prison

Deniss Zolotarjovs was directly involved in extortion strategies and in negotiations with victim companies. The post Karakurt Ransomware Negotiator Sentenced to Prison appeared first on SecurityWeek. more…

Microsoft, Google push AI agent governance into enterprise IT mainstream

Microsoft and Google are adding new controls for AI agents, as enterprise IT teams try to keep up with tools that can access corporate data and act across business applications. Microsoft’s Agent 365, made generally available for commercial customers on May 1, is designed to help organizations discover, govern, and secure AI agents, including those […] more…

MetInfo, Weaver E-cology Vulnerabilities in Attackers’ Crosshairs

The security defects allow unauthenticated, remote attackers to execute arbitrary code through crafted requests. The post MetInfo, Weaver E-cology Vulnerabilities in Attackers’ Crosshairs appeared first on SecurityWeek. more…

WhatsApp Discloses File Spoofing, Arbitrary URL Scheme Vulnerabilities

The vulnerabilities were reported to Meta through its bug bounty program and were patched with updates released earlier this year. The post WhatsApp Discloses File Spoofing, Arbitrary URL Scheme Vulnerabilities appeared first on SecurityWeek. more…

Scientists just created exotic new forms of matter that shouldn’t exist

A new quantum physics study reveals that simply changing a magnetic field over time can unlock entirely new forms of matter that don’t exist under normal conditions. By carefully “driving” materials with timed magnetic shifts, researchers created exotic quantum states that could be far more stable and resistant to errors—one of the biggest challenges in […] more…

DNSSEC: The Extra Security Layer That Can Break Your Padlock

Turning on DNSSEC makes your domain more secure — but if it’s misconfigured, newer certificate validation rules can stop SSL renewals in their tracks. Hey there, You know that satisfying click when you finally turn on DNSSEC? It feels like adding a shiny new deadbolt to your domain’s front door. You’re doing the responsible thing: […] more…

Cisco Moves to Acquire Astrix Security to Tackle Non-Human Identity Risks

The acquisition strengthens Cisco’s push into identity-centric security for AI and machine access. The post Cisco Moves to Acquire Astrix Security to Tackle Non-Human Identity Risks appeared first on SecurityWeek. more…

« Older posts

Newer posts »