Palo Alto, Calif., Jan. 30, 2025, CyberNewswire — Browser extensions have been under the spotlight in enterprise security news recently due to the wave of OAuth attacks on Chrome extension developers and data exfiltration attacks. However, until now, due to the limitations browser vendors place on the extension subsystem and extensions, it was thought to … Read more
New York Blood Center (NYBC), one of the largest nonprofit blood centers in the United States, says it is experiencing service disruptions after being hit by a ransomware attack. NYBC said in a statement on Wednesday that the organization detected suspicious activity on its IT systems on January 26, which it has since confirmed was … Read more
Japanese electronics giant Casio has confirmed that the personal data of almost 8,500 individuals was stolen during an October ransomware attack. Casio was the target of a ransomware attack on October 5, which saw hackers access sensitive data and render many of the company’s systems unusable. The attack was claimed by the Underground ransomware gang, … Read more
An unpatched vulnerability in the Ivanti Connect Secure VPN has been under active attack. Researchers with Google’s Mandiant Cloud security team said that one or more threat actors are currently exploiting CVE-2025-0282 for remote takeover attacks on targeted networks. The flaw, originally exploited as a zero-day vulnerability, has since been given an emergency patch and … Read more
Jan 03, 2025Ravie LakshmananMachine Learning / Vulnerability Cybersecurity researchers have shed light on a new jailbreak technique that could be used to get past a large language model’s (LLM) safety guardrails and produce potentially harmful or malicious responses. The multi-turn (aka many-shot) attack strategy has been codenamed Bad Likert Judge by Palo Alto Networks Unit … Read more
