lemmydev2

 

Barbara Moens / Financial Times: The EU Commission orders Apple to open iOS to third-party connected devices, and in preliminary findings charges Google with breaking the DMA in search and apps  —  EU continues Big Tech crackdown under landmark Digital Markets Act  —  Brussels is pressing ahead with regulatory action …

 

Clearview AI spent nearly a million dollars in a bid to purchase “690 million arrest records and 390 million arrest photos” from all 50 states, court records reveal.

 

93% of organizations made policy changes over the preceding 12 months to address concerns about increased personal liability for CISOs, according to Fastly. This includes two in five organizations (41%) increasing CISO participation in strategic decisions at the board level. CISO liability under the spotlight: In late 2023, newly adopted regulations such as the SEC rules on Cybersecurity Risk Management, Strategy, Governance, and Incident Disclosure by Public Companies as well as other headlines have put … The post Most organizations change policies to reduce CISO liability risk appeared first on Help Net Security.

 

California Cryobank LLC, one of America’s largest sperm donor repositories, has confirmed a significant data breach that exposed sensitive customer information. The cyber intrusion, which occurred on April 20, 2024, but remained undetected until October 4, 2024, has triggered mandatory breach notifications to affected individuals across multiple states, with formal notices sent to customers on […] The post US Sperm Donor Giant California Cryobank Hacked – Customers Personal Data Exposed appeared first on Cyber Security News.

 

He was supposed to make a sci-fi epic about super intelligent clones. The FBI says he spent the money on crypto and cars.

 

Introduction: In this post, we’ll show precisely how to chain round-trip attacks and namespace confusion to achieve unauthenticated admin access on GitLab Enterprise by exploiting the ruby-saml library

 

Don't laugh. This kind of warning shows crims are getting desperate. Dark web analysts at infosec software vendor Fortra have discovered an extortion crew named Ox Thief that threatened to contact Edward Snowden if a victim didn’t pay to protect its data – a warning that may be an indicator of tough times in the ransomware world for some, at least.…

 

A supply chain attack on the widely used 'tj-actions/changed-files' GitHub Action, used by 23,000 repositories, potentially allowed threat actors to steal CI/CD secrets from GitHub Actions build logs. [...]

 

A recently disclosed security flaw impacting Apache Tomcat has come under active exploitation in the wild following the release of a public proof-of-concept (PoC) a mere 30 hours after public disclosure. The vulnerability, tracked as CVE-2025-24813, affects the following versions:

Apache Tomcat 11.0.0-M1 to 11.0.2
Apache Tomcat 10.1.0-M1 to 10.1.34
Apache Tomcat 9.0.0-M1 to 9.0.98

It concerns a

 


A new threat assessment from the Danish Civil Protection Authority (SAMSIK) warned of cyberattacks targeting the telecommunications sector after citing a wave of incidents hitting European organizations over the past few years.

 

Alphabet Inc. is in talks to purchase the cloud security company Wiz for $33 billion, restarting deal discussions that were called off last summer after extended negotiations, according to people familiar with the matter.
