soc

The online travel platform has not said how many customers’ booking information was exposed, but said the issue has been contained.  The post Booking.com Says Hackers Accessed User Information appeared first on SecurityWeek.

Claude Code & ChatGPT Used to Steal Millions of Records in Mexican Government Breach A cyberattack spanning nine Mexican government organizations has become one of the clearest examples yet of how commercial AI can accelerate a cyberattack. In this case, Claude Code and ChatGPT helped speed up exploitation, automate reconnaissance, support privilege escalation, and increase […]

Claims that “Microsoft is running one of the largest corporate espionage operations in modern history” face scrutiny as researchers analyze LinkedIn’s browser extension probing The post BrowserGate: Claims of LinkedIn ‘Spying’ Clash With Security Research Findings appeared first on SecurityWeek.

The AI giant is taking action after determining that a macOS code signing certificate may have been compromised. The post OpenAI Impacted by North Korea-Linked Axios Supply Chain Hack appeared first on SecurityWeek.

Alleged Police Tipline Data Sale, iOS and Adobe Exploits, RDWeb Access Listings, and Gunra Recruitment SOCRadar’s Dark Web Team identified several new underground posts this week, including an alleged sale of U.S. and Canada tipline database records, claims of high-end exploitation tooling for iOS and Adobe Reader, and multiple RDWeb access listings marketed with elevated […]

CISA has added seven new vulnerabilities to its Known Exploited Vulnerabilities (KEV) Catalog, based on evidence of active exploitation. CVE-2012-1854 Microsoft Visual Basic for Applications Insecure Library Loading Vulnerability CVE-2020-9715 Adobe Acrobat Use-After-Free Vulnerability CVE-2023-21529 Microsoft Exchange Server Deserialization of Untrusted Data Vulnerability CVE-2023-36424 Microsoft Windows Out-of-Bounds Read Vulnerability CVE-2025-60710 Microsoft Windows Link Following Vulnerability […]

Law enforcement in the US, UK and Canada identified more than $45 million in cryptocurrency and froze $12 million. The post International Operation Targets Multimillion-Dollar Crypto Theft Schemes appeared first on SecurityWeek.

CVE-2026-34621: Adobe Acrobat Reader Zero-Day Enables Arbitrary Code Execution via Crafted PDF Adobe released an emergency update for Adobe Acrobat and Adobe Acrobat Reader on Windows and macOS to address CVE-2026-34621, a vulnerability that can lead to arbitrary code execution when a victim opens a crafted PDF. Adobe also confirmed it is exploited in the […]

Download links were replaced by a Russian-speaking threat actor to distribute a recently emerged malware named STX RAT. The post CPUID Hacked to Serve Trojanized CPU-Z and HWMonitor Downloads appeared first on SecurityWeek.

Could XChat Become a Telegram Rival and a Future Hub for Threat Actors? X’s upcoming messaging app, XChat, is being presented as more than a simple upgrade to direct messages. Public details point to a standalone messaging product with end-to-end encryption, disappearing messages, voice and video calls, file sharing, screenshot blocking, message recall, and use […]