China-linked espionage groups have attacked at least a dozen nations in the region, gathering information on maritime shipping, oil production, and other geopolitical interests.
Tag: dozen
AI, APAC, Compliance, Cybersecurity, Data Breaches, Global Security News, Risk Management
MY TAKE: AI agents force a rethink of enterprise service lines as vendors move up the tech tack
ORLANDO — Companies are pulling AI agents into their daily operations through a dozen side doors. Related: SaaS and AI agents converge One of them was in focus at KB4-CON, KnowBe4’s annual customer conference at the Marriott World Center here last week. The Clearwater, Fla.-based cybersecurity training vendor used the conference to lay out a…
Exploits, Global Security News
vm2 Node.js Library Vulnerabilities Enable Sandbox Escape and Arbitrary Code Execution
A dozen critical security vulnerabilities have been disclosed in the vm2 Node.js library that could be exploited by bad actors to break out of the sandbox and execute arbitrary code on susceptible systems. vm2 is an open-source library used to run untrusted JavaScript code inside a secure sandbox by intercepting and proxying JavaScript objects to…
Cybersecurity, Exploits, Global Security News
CISA Adds 6 Known Exploited Flaws in Fortinet, Microsoft, and Adobe Software
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Monday added half a dozen security flaws to its Known Exploited Vulnerabilities (KEV) catalog, citing evidence of active exploitation. The list of vulnerabilities is as follows – CVE-2026-21643 (CVSS score: 9.1) – An SQL injection vulnerability in Fortinet FortiClient EMS that could allow an unauthenticated attacker to
Data Breaches, Global Security News
Snowflake customers hit in data theft attacks after SaaS integrator breach
Over a dozen companies have suffered data theft attacks after a SaaS integration provider was breached and authentication tokens stolen. […]
AI, Global Security News, privacy, Risk Management
How to Keep ICE Agents Out of Your Devices at Airports
With Immigration and Customs Enforcement agents deployed to more than a dozen airports across the U.S. and border device searches growing increasingly common, it’s more important than ever to consider your digital security before you travel. The risks are real. Customs and Border Protection agents have the authority to examine travelers’ devices. In June, for…
AI, Data Breaches, Global Security News
Weekly Update 494
Since starting HIBP a dozen and a bit years ago, I’ve loaded an average of one breach every 4.7 days. That’s 959 of them to date, but last week it was five in only two days. That’s a few weeks’ worth of breaches in only 48 and a half hours. And that’s the way it…
china, Global Security News, Network Security, Russia
Nation-State Hackers Put Defense Industrial Base Under Siege
Espionage groups from China, Russia and other nations burned at least two dozen zero-days in edge devices in attempts to infiltrate defense contractors’ networks.
AI, Endpoint, Exploits, Global Security News, Uncategorized
Multiple Endpoint Manager bugs patched by Ivanti, including remote auth bypass
Ivanti patched over a dozen Endpoint Manager flaws, including a high-severity auth bypass that let attackers steal credentials remotely. Ivanti released patches for more than a dozen vulnerabilities in Endpoint Manager, including flaws disclosed in October 2025. The update addresses a high-severity authentication bypass, tracked as CVE-2026-1603 (CVSS score of 8.6), that attackers could exploit…