New enhancements to the Sophos AI Assistant

Cybersecurity researchers have disclosed a critical security flaw impacting the GNU InetUtils telnet daemon (telnetd) that could be exploited by an unauthenticated remote attacker to execute arbitrary code with elevated privileges. The vulnerability, tracked as CVE-2026-32746, carries a CVSS score of 9.8 out of 10.0. It has been described as a case of out-of-bounds write…

Fortinet is alerting customers of a critical security flaw in FortiSIEM for which it said there exists an exploit in the wild. The vulnerability, tracked as CVE-2025-25256, carries a CVSS score of 9.8 out of a maximum of 10.0. “An improper neutralization of special elements used in an OS command (‘OS Command Injection’) vulnerability [CWE-78]…

Yesterday, Bryan Lambert reported:  Health care providers at Brockton Hospital are preparing to work off paper, not computers, for the next two weeks as the health care hub deals with an ongoing cybersecurity incident. The cybersecurity incident took many electronic services at Brockton Hospital offline on Monday and forced ambulances to be diverted. On Thursday,……

The latest version of the Banshee macOS information stealer no longer checks if the infected systems have the Russian language installed. The post Banshee macOS Malware Expands Targeting appeared first on SecurityWeek.

Samsung has released software updates to address a critical security flaw in MagicINFO 9 Server that has been actively exploited in the wild. The vulnerability, tracked as CVE-2025-4632 (CVSS score: 9.8), has been described as a path traversal flaw. “Improper limitation of a pathname to a restricted directory vulnerability in Samsung MagicINFO 9 Server version…

For the 16th consecutive report, Sophos has been recognized by Gartner as a Leader in the Endpoint Protection Platforms (EPP) category.