Putting the dampener on tamperers

Counterfeit versions of popular smartphone models that are sold at reduced prices have been found to be preloaded with a modified version of an Android malware called Triada. “More than 2,600 users in different countries have encountered the new version of Triada, the majority in Russia,” Kaspersky said in a report. The infections were recorded…

Barry Zwets reports: Several ministries have been affected by a major data breach. The Ministry of the Interior and Kingdom Relations refers to a ‘privacy problem’ that has their ‘full attention’. This was reported by BNR sources, after which confirmation from the government followed. In addition to the Ministry of the Interior and Kingdom Relations, the Ministry…

ABB has patched building control product vulnerabilities that can expose many facilities to remote attacks. The post Researcher Says ABB Building Control Products Affected by 1,000 Vulnerabilities appeared first on SecurityWeek.

Apple has released software updates to address several security flaws across its portfolio, including a zero-day vulnerability that it said has been exploited in the wild. The vulnerability, tracked as CVE-2025-24085, has been described as a use-after-free bug in the Core Media component that could permit a malicious application already installed on a device to…

In the second of a two-part series on tools and frameworks designed to help with remediation prioritization, we explore some alternatives to CVSS

A security vulnerability has been disclosed in AMD’s Secure Encrypted Virtualization (SEV) that could permit an attacker to load a malicious CPU microcode under specific conditions. The flaw, tracked as CVE-2024-56161, carries a CVSS score of 7.2 out of 10.0, indicating high severity. “Improper signature verification in AMD CPU ROM microcode patch loader may allow…