A naukri.com initiative
Cyber Security News
Medium
1M
337
Image Credit: Medium
Android's New Sensitive Content Scanner: A Blessing or a Breach?
- Android's new sensitive content scanner uses SafetyCore, Google's on-device machine learning system, to analyze images for nudity and sensitive material.
- The scanning process occurs entirely on-device, ensuring that no images are sent to Google's servers.
- While the feature raises privacy concerns, as personal photos are continuously processed on the device, its default enabled status and lack of user choice to opt out may be problematic.
- The service feature was included in a system update, leaving users unaware and without the option to disable it.
Read Full Article
20 Likes
Medium
1M
355
Lucian Nacht: The Shadow Architect of AI and Cybersecurity Investments
- Lucian Nacht, the elusive founder of Black Veil Capital, operates behind the curtain, shaping industries without seeking public recognition.
- Black Veil Capital specializes in stealth investments across artificial intelligence, cybersecurity, and classified defense technologies.
- Lucian Nacht's origins are unknown, with speculation ranging from being born into an elite European financial dynasty to being entirely self-made.
- Nacht's reclusiveness, deliberate avoidance of traditional media, and strategic disappearances add to the mystique surrounding him.
Read Full Article
21 Likes
Securityaffairs
1M
446
Image Credit: Securityaffairs
Apple fixed the third actively exploited zero-day of 2025
- Apple released emergency security updates to address a zero-day vulnerability, CVE-2025-24201, in the WebKit cross-platform web browser engine.
- The vulnerability was exploited in 'extremely sophisticated' cyber attacks, and it is an out-of-bounds write issue.
- The fix was released as a supplementary measure after blocking a similar attack in iOS 17.2.
- Apple addressed the flaw with improved checks, releasing updates for various devices.
Read Full Article
26 Likes
Siliconangle
1M
121
Image Credit: Siliconangle
Sola Security launches with $30M to simplify cybersecurity with AI and no-code tools
- Self-service cybersecurity startup Sola Security Inc. has raised $30 million in funding to develop its AI-powered, no-code cybersecurity platform.
- Sola aims to simplify security management and eliminate complexity, cutting costs, and putting power into the hands of security professionals.
- The company's platform allows businesses to build and deploy security solutions without extensive technical expertise.
- Sola Security's funding round was led by S Capital LP and veteran venture capitalist Mike Moritz.
Read Full Article
7 Likes
Siliconangle
1M
346
Image Credit: Siliconangle
Cybereason raises $120M as Chainguard reportedly eyes $350M round
- Cybereason has closed a $120 million funding round led by SoftBank Group Corp., SoftBank Vision Fund 2, and Liberty Strategic Capital.
- The funding will support the growth of Cybereason's XDR platform, which uses artificial intelligence to detect cyberattacks across various devices and technology assets.
- Cybereason has appointed Manish Narula as its new CEO, succeeding former CEO Eric Gan.
- Chainguard, a cybersecurity startup, is reportedly in talks about a $350 million investment from Kleiner Perkins, following its previous $140 million Series C raise.
Read Full Article
20 Likes
Pymnts
1M
392
Image Credit: Pymnts
Sola Raises $30 Million for ‘Self-Serve’ Cybersecurity Solution
- Sola Security has raised $30 million to develop its AI-powered cybersecurity platform.
- The funding will allow Sola to create a no-code solution for businesses to build security apps without technical expertise.
- Sola Security aims to be part of the 'self-serve revolution' in the cybersecurity industry.
- The company intends to provide customizable and cost-effective security solutions.
Read Full Article
23 Likes
Siliconangle
1M
36
Image Credit: Siliconangle
Assessing the human element: Panelists weigh AI’s role in cybersecurity during HumanX
- Cybersecurity professionals are grappling with the impact of AI and how to protect key systems and assets while keeping humans in the loop.
- The inaugural HumanX conference in Las Vegas focused on the intersection of AI and human insight in cybersecurity.
- Panelists at the conference emphasized the importance of trust in building AI infrastructure and the need for increased compliance and governance in the age of AI.
- While AI adoption in cybersecurity can help alleviate work burdens, organizations also face challenges in creating safe AI models and educating employees about cybersecurity practices.
Read Full Article
2 Likes
Arstechnica
1M
315
Image Credit: Arstechnica
Apple patches 0-day exploited in “extremely sophisticated attack”
- Apple patched a critical zero-day vulnerability in iPhones and iPads.
- The vulnerability is in Webkit, the browser engine for Safari on iOS devices.
- The vulnerability may have been exploited in an extremely sophisticated attack against specific targeted individuals.
- Apple released a supplementary fix for this vulnerability.
Read Full Article
18 Likes
TechBullion
1M
211
Image Credit: TechBullion
The Ultimate Guide to Unlocking Any PDF Without Stress
- PDF files are commonly used, but locked PDFs can be frustrating when they prevent editing, copying, or printing.
- There are two types of document security measures: password protection and limited permissions.
- Methods to unlock PDF files include using online unlocking tools, professional software, desktop programs, and mobile apps.
- Proper legal and ethical conduct should be followed when attempting to unlock PDF files to respect security measures and privacy rules.
Read Full Article
12 Likes
Lastwatchdog
1M
166
News alert: GitGuardian discloses 70% of leaked secrets remain active 2 years — remediation urgent
- GitGuardian's '2025 State of Secrets Sprawl Report' reveals a 25% increase in leaked secrets year-over-year and 23.8 million new credentials on public GitHub in 2024.
- 70% of secrets leaked in 2022 are still active today, posing a significant cybersecurity threat in various organizations.
- A single leaked API key led to the U.S. Treasury Department breach, emphasizing the dangers of exposed credentials.
- Generic secrets like passwords and credentials now account for over half of all detected leaks, making them challenging to identify.
- 35% of private repositories scanned contained plaintext secrets, contradicting the belief that private repos are secure.
- Hardcoded secrets are prevalent in collaboration platforms and container environments, where security controls are typically weaker.
- Non-human identities (NHIs) outnumber human identities in many organizations, lacking proper management and rotation.
- Even organizations using secrets management solutions face vulnerabilities, with a 5.1% secret leakage rate among repositories leveraging secrets managers.
- The report emphasizes the need for comprehensive secrets security, automated discovery, detection, and stronger governance.
- GitGuardian recommends deploying monitoring, centralized detection, semi-automated rotation policies, and clear developer guidelines.
Read Full Article
10 Likes
TechCrunch
1M
229
Image Credit: TechCrunch
Apple fixes new security flaw used in ‘extremely sophisticated attack’
- Apple has released patches for a new security flaw discovered in its WebKit browser engine.
- The bug allowed hackers to break out of WebKit's protective sandbox with malicious web content.
- The patch has been made available for Macs, iPhones, iPads, Safari, and the Vision Pro headset.
- The attack was exploited against devices running software prior to iOS 17.2, and targets and hackers were not disclosed.
Read Full Article
13 Likes
Idownloadblog
1M
148
Image Credit: Idownloadblog
Apple patches a WebKit exploit with iOS 18.3.2, iPadOS 18.3.2, macOS Sequoia 15.3.2 and other updates
- Apple has patched a WebKit vulnerability with the iOS 18.3.2, iPadOS 18.3.2, macOS Sequoia 15.3.2, tvOS 18.3.1 and visionOS 2.3.2 updates.
- The vulnerability in WebKit was exploited in the wild, targeting high-value individuals.
- The update is recommended for all users and includes important security fixes.
- Additional bug fixes and security updates are included in the updates.
Read Full Article
8 Likes
Securityaffairs
1M
85
Image Credit: Securityaffairs
Switzerland’s NCSC requires cyberattack reporting for critical infrastructure within 24 hours
- Switzerland’s NCSC mandates critical infrastructure organizations to report cyberattacks within 24 hours of discovery.
- The policy is introduced in response to the increasing number of cyber incidents.
- Non-compliance may result in fines up to CHF 100,000 after the grace period.
- The new requirement aligns with international standards to enhance information exchange.
Read Full Article
5 Likes
Medium
1M
347
Image Credit: Medium
Put on Your Cape, We Need Your Help!
- Savvy Cyber Kids is seeking help in funding cyber safety and ethics educational tools and programs.
- They have free resources for teachers and parents to encourage kids to use their cyber powers for good and be a #cyberhero.
- The organization promotes using alternate cyberhero identities while interacting with strangers online to maintain privacy.
- Donations can be made to support their fundraising campaign.
Read Full Article
20 Likes
TechCrunch
1M
229
Image Credit: TechCrunch
DOGE axes CISA ‘red team’ staffers amid ongoing federal cuts
- DOGE, headed by Elon Musk, has fired over a hundred employees working for the U.S. government's cybersecurity agency, CISA.
- The employees, including 'red team' staffers, were laid off in late February and early March with no prior warning.
- CISA's spokesperson stated that the red team remains operational and that the agency is reviewing contracts to align with the new administration's priorities.
- Over 80 employees supporting continuous monitoring and between 30 to 50 employees working in incident response were laid off by DOGE.
Read Full Article
13 Likes
For uninterrupted reading, download the app