Advertisement · 728 × 90
#
Hashtag
#securityaffairs
Advertisement · 728 × 90
キタきつね
キタきつね
@kitafox.bsky.social
4 days ago
Preview
Patch now: TP-Link Archer NX routers vulnerable to firmware takeover TP-Link patched a high severity flaw (CVE-2025-15517) in Archer NX routers that could let attackers bypass authentication and install malicious firmware.

今すぐパッチを適用:TP-Link Archer NXルーターのファームウェア乗っ取りの脆弱性

Patch now: TP-Link Archer NX routers vulnerable to firmware takeover #SecurityAffairs (Mar 25)

securityaffairs.com/189980/iot/p...

0 0 0 0
キタきつね
キタきつね
@kitafox.bsky.social
4 days ago
Preview
Patch now: TP-Link Archer NX routers vulnerable to firmware takeover TP-Link patched a high severity flaw (CVE-2025-15517) in Archer NX routers that could let attackers bypass authentication and install malicious firmware.

今すぐパッチを適用:TP-Link Archer NXルーターのファームウェア乗っ取りの脆弱性

Patch now: TP-Link Archer NX routers vulnerable to firmware takeover #SecurityAffairs (Mar 25)

securityaffairs.com/189980/iot/p...

0 0 0 0
キタきつね
キタきつね
@kitafox.bsky.social
5 days ago
Preview
Citrix NetScaler critical flaw could leak data, update now - Security Affairs Citrix warns of a critical NetScaler flaw (CVE-2026-3055) that could leak sensitive data; users are urged to apply security updates immediately.

Citrix NetScalerに重大な欠陥があり、データ漏洩の恐れがあります。今すぐアップデートしてください

Citrix NetScaler critical flaw could leak data, update now #SecurityAffairs (Mar 24)

securityaffairs.com/189908/secur...

0 0 0 0
キタきつね
キタきつね
@kitafox.bsky.social
6 days ago
Preview
44 Aqua Security repositories defaced after Trivy supply chain breach Malicious Trivy images on Docker Hub spread infostealer malware, exposing developers after a supply chain attack.

Trivy社のサプライチェーン侵害により、Aqua Security社の保管庫44カ所が汚損される

44 Aqua Security repositories defaced after Trivy supply chain breach #SecurityAffairs (Mar 23)

securityaffairs.com/189856/uncat...

0 0 0 0
キタきつね
キタきつね
@kitafox.bsky.social
1 week ago
Preview
From Windows to macOS: ClickFix attacks shift tactics with ChatGPT-based lures ClickFix campaigns are evolving, with attackers increasingly targeting macOS users and deploying more advanced infostealers.

WindowsからmacOSへ:ClickFixの攻撃手法がChatGPTベースの誘い込みで変化

From Windows to macOS: ClickFix attacks shift tactics with ChatGPT-based lures #SecurityAffairs (Mar 17)

securityaffairs.com/189542/cyber...

0 0 0 0
キタきつね
キタきつね
@kitafox.bsky.social
1 week ago
Preview
RondoDox botnet expands arsenal targeting 174 flaws, and hits 15,000 daily exploit attempts RondoDox botnet targets 174 flaws, reaching 15,000 daily exploit attempts in a more focused and strategic campaign.

RondoDoxボットネットは攻撃対象を拡大し、174の脆弱性を標的とし、1日あたり15,000件の攻撃試行を実行した

RondoDox botnet expands arsenal targeting 174 flaws, and hits 15,000 daily exploit attempts #SecurityAffairs (Mar 17)

securityaffairs.com/189569/malwa...

0 0 0 0
キタきつね
キタきつね
@kitafox.bsky.social
1 week ago
Preview
Payload Ransomware claims the hack of Royal Bahrain Hospital The Payload Ransomware group claims to have breached the Royal Bahrain Hospital (RBH), a leading healthcare facility in Bahrain.

Payload Ransomwareは、ロイヤル・バーレーン病院へのハッキングを主張している

Payload Ransomware claims the hack of Royal Bahrain Hospital #SecurityAffairs (Mar 15)

securityaffairs.com/189467/cyber...

0 0 0 0
キタきつね
キタきつね
@kitafox.bsky.social
1 week ago
Preview
U.S. CISA adds a flaw in Wing FTP Server to its Known Exploited Vulnerabilities catalog The U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds a flaw in Wing FTP Server to its Known Exploited Vulnerabilities catalog.

米国サイバーセキュリティ・インフラストラクチャセキュリティ庁(CISA)は、Wing FTPサーバーの脆弱性を既知の悪用された脆弱性リストに追加した

U.S. CISA adds a flaw in Wing FTP Server to its Known Exploited Vulnerabilities catalog #SecurityAffairs (Mar 16)

securityaffairs.com/189530/secur...

0 0 0 0
キタきつね
キタきつね
@kitafox.bsky.social
2 weeks ago
Preview
U.S. CISA adds a flaw in n8n to its Known Exploited Vulnerabilities catalog The U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds a flaw in n8n to its Known Exploited Vulnerabilities catalog.

米国CISAがn8nの脆弱性を既知の脆弱性カタログに追加

U.S. CISA adds a flaw in n8n to its Known Exploited Vulnerabilities catalog #SecurityAffairs (Mar 12)

securityaffairs.com/189326/secur...

0 0 0 0
キタきつね
キタきつね
@kitafox.bsky.social
2 weeks ago
Preview
Critical SQL Injection bug in Ally plugin threatens 400,000+ WordPress sites An unauthenticated SQL injection (CVE-2026-2413) in the Ally WordPress plugin could allow attackers to steal sensitive data.

Allyプラグインの重大なSQLインジェクションバグが40万以上のWordPressサイトを脅かす

Critical SQL Injection bug in Ally plugin threatens 400,000+ WordPress sites #SecurityAffairs (Mar 12)

securityaffairs.com/189354/secur...

0 0 0 0
キタきつね
キタきつね
@kitafox.bsky.social
2 weeks ago
Preview
Apple issues emergency fixes for Coruna flaws in older iOS versions Apple released iOS 16.7.15 and 15.8.7 updates for older iPhones and iPads to patch vulnerabilities linked to the Coruna exploits.

Apple、iOSの旧バージョンにおけるCoruna脆弱性に対する緊急修正を発表

Apple issues emergency fixes for Coruna flaws in older iOS versions #SecurityAffairs (Mar 12)

securityaffairs.com/189362/secur...

0 1 0 0
キタきつね
キタきつね
@kitafox.bsky.social
2 weeks ago
Preview
KadNap bot compromises 14,000+ devices to route malicious traffic KadNap malware infects 14,000+ edge devices turning them into a stealth proxy botnet used to route malicious internet traffic.

KadNapボットが14,000台以上のデバイスを侵害し、悪意のあるトラフィックをルーティング

KadNap bot compromises 14,000+ devices to route malicious traffic #SecurityAffairs (Mar 11)

securityaffairs.com/189251/malwa...

0 0 0 0
キタきつね
キタきつね
@kitafox.bsky.social
2 weeks ago
Preview
Hewlett Packard Enterprise fixes critical authentication bypass in Aruba AOS-CX Hewlett Packard Enterprise (HPE) fixed several flaws in Aruba AOS-CX, including a critical bug that lets attackers reset admin passwords.

ヒューレット・パッカード・エンタープライズ、Aruba AOS-CXの重大な認証バイパスを修正

Hewlett Packard Enterprise fixes critical authentication bypass in Aruba AOS-CX #SecurityAffairs (Mar 11)

securityaffairs.com/189278/secur...

0 0 0 0
キタきつね
キタきつね
@kitafox.bsky.social
2 weeks ago
Preview
Attackers exploit FortiGate devices to access sensitive network info Hackers are exploiting FortiGate devices to breach networks and steal conf data containing service account credentials and network details.

攻撃者はFortiGateデバイスを悪用して機密ネットワーク情報にアクセスします

Attackers exploit FortiGate devices to access sensitive network information #SecurityAffairs (mar 10)

securityaffairs.com/189241/secur...

0 0 0 0
キタきつね
キタきつね
@kitafox.bsky.social
2 weeks ago
Preview
U.S. CISA adds Ivanti EPM, SolarWinds, and Omnissa Workspace One flaws to its Known Exploited Vulnerabilities catalog U.S. CISA adds EPM, SolarWinds, and Omnissa Workspace One flaws to its Known Exploited Vulnerabilities catalog.

米国CISAがIvanti EPM、SolarWinds、Omnissa Workspace Oneの脆弱性を既知の悪用脆弱性カタログに追加

U.S. CISA adds Ivanti EPM, SolarWinds, and Omnissa Workspace One flaws to its Known Exploited Vulnerabilities catalog #SecurityAffairs (Mar 10)

securityaffairs.com/189172/secur...

0 0 0 0
キタきつね
キタきつね
@kitafox.bsky.social
2 weeks ago
Preview
Cognizant’s TriZetto Provider Solutions data breach impacted over 3.4 million patients A breach at Cognizant’s TriZetto Provider Solutions exposed sensitive health data belonging to more than 3.4 million patients.

コグニザントのTriZettoプロバイダーソリューションのデータ侵害は340万人以上の患者に影響を与えた

Cognizant’s TriZetto Provider Solutions data breach impacted over 3.4 million patients #SecurityAffairs (Mar 9)

securityaffairs.com/189149/data-...

0 0 0 0
キタきつね
キタきつね
@kitafox.bsky.social
2 weeks ago
Preview
FBI alert: scammers target zoning permit applicants The FBI warns of phishing attacks where crooks impersonate U.S. city and county officials to target people requesting planning and zoning permits.

FBI警告:詐欺師がゾーニング許可申請者を狙う

FBI alert: scammers target zoning permit applicants #SecurityAffairs (Mar 9)

securityaffairs.com/189165/cyber...

0 0 0 0
キタきつね
キタきつね
@kitafox.bsky.social
2 weeks ago
Preview
Russia-linked hackers target Signal, WhatsApp of officials globally Russia-linked hackers are targeting Signal and WhatsApp accounts of government and military officials worldwide, warns Dutch intelligence.

ロシア関連のハッカーが世界中の政府関係者のSignalやWhatsAppを標的に

Russia-linked hackers target Signal, WhatsApp of officials globally #SecurityAffairs (Mar 9)

securityaffairs.com/189156/intel...

0 0 0 0
キタきつね
キタきつね
@kitafox.bsky.social
3 weeks ago
Preview
Massive GitHub malware operation spreads BoryptGrab stealer Experts found BoryptGrab stealer spreading through 100+ GitHub repositories, stealing browser data, crypto wallets, system info, and more

大規模なGitHubマルウェア攻撃でBoryptGrabスティーラーが拡散

Massive GitHub malware operation spreads BoryptGrab stealer #SecurityAffairs (Mar 8)

securityaffairs.com/189110/malwa...

0 0 0 0
キタきつね
キタきつね
@kitafox.bsky.social
3 weeks ago
Preview
Critical Nginx UI flaw CVE-2026-27944 exposes server backups Nginx UI flaw CVE-2026-27944 lets attackers download and decrypt server backups without authentication, exposing sensitive data.

重大なNginx UIの欠陥CVE-2026-27944により、サーバーのバックアップが危険にさらされる

Critical Nginx UI flaw CVE-2026-27944 exposes server backups #SecurityAffairs (Mar 8)

securityaffairs.com/189123/secur...

0 1 0 0
キタきつね
キタきつね
@kitafox.bsky.social
3 weeks ago
Preview
Automate or orchestrate? Implementing a streamlined remediation program to shorten MTTR Security teams want lower MTTR, but flaws persist. How to use automation vs. orchestration to reduce risk effectively?

自動化かオーケストレーションか?効率的な修復プログラムを導入してMTTRを短縮

Automate or orchestrate? Implementing a streamlined remediation program to shorten MTTR #SecurityAffairs (Mar 4)

securityaffairs.com/188917/secur...

0 0 0 0
キタきつね
キタきつね
@kitafox.bsky.social
3 weeks ago
Preview
LastPass warns of spoofed alerts aimed at stealing master passwords LastPass warns of phishing emails posing as security alerts to trick users into revealing their master passwords.

LastPassはマスターパスワードを盗むことを目的とした偽のアラートについて警告

LastPass warns of spoofed alerts aimed at stealing master passwords #SecurityAffairs (Mar 4)

securityaffairs.com/188911/secur...

0 0 0 0
キタきつね
キタきつね
@kitafox.bsky.social
3 weeks ago
Preview
U.S. CISA adds Qualcomm and Broadcom VMware Aria Operations flaws to its Known Exploited Vulnerabilities catalog U.S. CISA adds Qualcomm and Broadcom VMware Aria Operations flaws to its Known Exploited Vulnerabilities catalog.

米国CISA、クアルコムとブロードコムのVMware Aria Operationsの脆弱性を既知の脆弱性カタログに追加

U.S. CISA adds Qualcomm and Broadcom VMware Aria Operations flaws to its Known Exploited Vulnerabilities catalog #SecurityAffairs (Mar 4)

securityaffairs.com/188887/secur...

0 0 0 0
キタきつね
キタきつね
@kitafox.bsky.social
3 weeks ago
Preview
Europol’s Project Compass nets 30 arrests in crackdown on “The Com” Europol’s Project Compass led to 30 arrests targeting 'The Com' network, identifying 62 victims and protecting four children from harm.

ユーロポールのプロジェクト・コンパス、「ザ・コム」取り締まりで30人を逮捕

Europol’s Project Compass nets 30 arrests in crackdown on “The Com” #SecurityAffairs (Mar 2)

securityaffairs.com/188708/cyber...

0 0 0 0
キタきつね
キタきつね
@kitafox.bsky.social
3 weeks ago
Preview
APT37 combines cloud storage and USB implants to infiltrate air-gapped systems APT 37 used Zoho WorkDrive and USB malware to breach air-gapped networks in the Ruby Jumper campaign.

APT37はクラウドストレージとUSBインプラントを組み合わせてエアギャップシステムに侵入する

APT37 combines cloud storage and USB implants to infiltrate air-gapped systems #SecurityAffairs (Mar 2)

securityaffairs.com/188767/apt/a...

0 0 0 0
キタきつね
キタきつね
@kitafox.bsky.social
3 weeks ago
Preview
Russia-linked APT28 exploited MSHTML zero-day CVE-2026-21513 before patch Russia-linked APT28 reportedly exploited MSHTML zero-day CVE-2026-21513 before Microsoft patched it, a high-severity bypass flaw.

ロシア関連のAPT28がパッチ適用前にMSHTMLのゼロデイ脆弱性CVE-2026-21513を悪用

Russia-linked APT28 exploited MSHTML zero-day CVE-2026-21513 before patch #SecurityAffairs (Mar 2)

securityaffairs.com/188782/secur...

0 0 0 0
キタきつね
キタきつね
@kitafox.bsky.social
3 weeks ago
Preview
Claude code abused to steal 150GB in cyberattack on Mexican agencies Hackers abused Claude Code to build exploits and steal 150GB of data in a cyberattack targeting Mexican government systems.

メキシコ政府機関へのサイバー攻撃で、クロードのコードが悪用され150GBのデータが盗まれた

Claude code abused to steal 150GB in cyberattack on Mexican agencies #SecurityAffairs (Mar 1)

securityaffairs.com/188696/ai/cl...

0 0 0 0
キタきつね
キタきつね
@kitafox.bsky.social
1 month ago
Preview
U.S. CISA adds Cisco SD-WAN flaws to its Known Exploited Vulnerabilities catalog U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds Cisco SD-WAN flaws to its Known Exploited Vulnerabilities catalog.

米国CISAがCisco SD-WANの脆弱性を既知の脆弱性カタログに追加

U.S. CISA adds Cisco SD-WAN flaws to its Known Exploited Vulnerabilities catalog #SecurityAffairs (Feb 26)

securityaffairs.com/188548/hacki...

0 0 0 0
キタきつね
キタきつね
@kitafox.bsky.social
1 month ago
Preview
Critical Zyxel router flaw exposed devices to remote attacks Zyxel fixed a critical flaw in multiple routers that lets unauthenticated attackers remotely execute commands on vulnerable devices.

Zyxelルーターの重大な欠陥により、デバイスがリモート攻撃にさらされる

Critical Zyxel router flaw exposed devices to remote attacks #SecurityAffairs (Feb 25)

securityaffairs.com/188501/secur...

0 0 0 0
キタきつね
キタきつね
@kitafox.bsky.social
1 month ago
Preview
Untrusted repositories turn Claude code into an attack vector Flaws in Anthropic’s Claude Code could allow remote code execution and theft of API keys when users open untrusted repositories.

信頼できないリポジトリはClaudeコードを攻撃ベクトルに変えます

Untrusted repositories turn Claude code into an attack vector #SecurityAffairs (Feb 25)

securityaffairs.com/188508/secur...

0 0 0 0