Hacker Added Prompt to Amazon Q to Erase Files and Cloud Data
A hacker injected a malicious prompt into Amazon Q via GitHub, aiming to delete user files and wipe AWS data, exposing a major security flaw.
Dell Confirms Security Breach by Extortion Group, Calls Stolen Data ‘Fake’
Cyber extortion group World Leaks released more than 1.3TB of internal Dell data, including scripts and backups. Dell insists no sensitive customer information was exposed.
The post Dell Confirms Security Breach by Extortion Group, Calls Stolen Data ‘Fake’ appeared first on eSecurity Planet.
Failure to RTFM Leads to Viral Integrity Vibe Breach by Replit
Guy holding the pray-and-spray button down on his coding environment complains loudly that the predictable happened: (The whole incident, in short, appears to be a social media storm in a vibe-coded teacup and Lemkin’s blithe acceptance of the LL…
Mitel patches critical MiVoice MX-ONE Auth bypass flaw
Mitel addressed a critical MiVoice MX-ONE flaw that could allow an unauthenticated attacker to conduct an authentication bypass attack. A critical authentication bypass flaw (CVSS score of 9.4) in Mitel MiVoice MX-ONE allows attackers to exploit weak access controls and gain unauthorized access to user or admin accounts. “An authentication bypass vulnerability has been identified […]
Military spokesman: Israel surrendered on ninth day of war
The spokesman for the General Staff of the Iranian Armed Forces stated that on the ninth day of the recent 12-day imposed war, Israel raised its hands in surrender and could no longer continue fighting. All of the enemy’s security and military centers…
The Age-Checked Internet Has Arrived
Starting today, UK adults will have to prove their age to access porn online. Experts warn that a global wave of age-check laws threatens to chill speech and ultimately harm children and adults alike.
Scavenger Trojan Targets Crypto Wallets via Game Mods and Browser Flaws
New Scavenger Trojan steals crypto wallet data using fake game mods and browser flaws, targeting MetaMask, Exodus, Bitwarden, and other popular apps.
A Premium Luggage Service’s Web Bugs Exposed the Travel Plans of Every User—Including Diplomats
Security flaws in Airportr, a door-to-door luggage checking service used by 10 airlines, let hackers access user data and even gain privileges that would have let them redirect or steal luggage.
Cybercrime Forum XSS Returns on Mirror and Dark Web 1 Day After Seizure
Cybercrime forum XSS is back online on its mirror and dark web domains just one day after seizure and admin arrest, but questions about its full return remain unanswered.
SonicWall fixed critical flaw in SMA 100 devices exploited in Overstep malware attacks
SonicWall addressed a critical vulnerability, tracked as CVE-2025-40599 (CVSS score of 9.1), in SMA 100 appliances SonicWall addressed a critical vulnerability, tracked as CVE-2025-40599 (CVSS score of 9.1), in SMA 100 appliances. Experts warn customers to check their installs for Indicators of Compromise (IoCs) associated with Overstep malware attacks. The issue is an authenticated arbitrary […]