#VictoriasSecret delays earnings release after security incident

https://www.bleepingcomputer.com/news/security/victorias-secret-delays-earnings-release-after-security-incident/

#cybersecurity

"Recent advances in operating system (OS) agents enable vision-language models to interact directly with the graphical user interface of an OS. These multimodal OS agents autonomously perform computer-based tasks in response to a single prompt via application programming interfaces (APIs). Such APIs typically support low-level operations, including mouse clicks, keyboard inputs, and screenshot captures. We introduce a novel attack vector: malicious image patches (MIPs) that have been adversarially perturbed so that, when captured in a screenshot, they cause an OS agent to perform harmful actions by exploiting specific APIs. For instance, MIPs embedded in desktop backgrounds or shared on social media can redirect an agent to a malicious website, enabling further exploitation. These MIPs generalise across different user requests and screen layouts, and remain effective for multiple OS agents. The existence of such attacks highlights critical security vulnerabilities in OS agents, which should be carefully addressed before their widespread adoption."

https://arxiv.org/html/2503.10809v1

#AI #GenerativeAI #LLMs #CyberSecurity #APIs #OS #AIAgents

#Google patches new #Chrome zero-day bug exploited in attacks

https://www.bleepingcomputer.com/news/security/google-patches-new-chrome-zero-day-bug-exploited-in-attacks/

#cybersecurity

"EFF has joined more than 80 civil society organizations, companies, and cybersecurity experts in signing a letter urging the European Commission to change course on its recently announced “Technology Roadmap on Encryption.” The roadmap, part of the EU’s ProtectEU strategy, discusses new ways for law enforcement to access encrypted data. That framing is dangerously flawed.

Let’s be clear: there is no technical “lawful access” to end-to-end encrypted messages that preserves security and privacy. Any attempt to circumvent encryption—like client-side scanning—creates new vulnerabilities, threatening the very people governments claim to protect.

This letter is significant in not just its content, but in who signed it. The breadth of the coalition makes one thing clear: civil society and the global technical community overwhelmingly reject the idea that weakening encryption can coexist with respect for fundamental rights."

https://www.eff.org/deeplinks/2025/06/eus-encryption-roadmap-makes-everyone-less-safe

#EU #CyberSecurity #Encryption #Privacy #PoliceState

#Cartier discloses #DataBreach amid #fashion brand cyberattacks

https://www.bleepingcomputer.com/news/security/cartier-discloses-data-breach-amid-fashion-brand-cyberattacks/

#cybersecurity #privacy

#TheNorthFace warns customers of April credential stuffing attack

https://www.bleepingcomputer.com/news/security/the-north-face-warns-customers-of-april-credential-stuffing-attack/

#cybersecurity

The #EU’s “#Encryption Roadmap” Makes Everyone Less Safe

https://www.eff.org/deeplinks/2025/06/eus-encryption-roadmap-makes-everyone-less-safe

#cybersecurity #politics #Europe

#Google #Chrome to distrust #Chunghwa Telecom, #Netlock certificates in August

https://www.bleepingcomputer.com/news/security/google-chrome-to-distrust-chunghwa-telecom-netlock-certificates-in-august/

#cybersecurity

🎙️ Speakers are set for #oSC25! From #open hardware to #cybersecurity, #Leap 16 to #LLMs, the #openSUSE Conference (June 26–28) is packed with insight, innovation, & community. #Linux #opensource
https://news.opensuse.org/2025/06/03/speakers-set-course-for-osc/

#Microsoft and #CrowdStrike partner to link hacking group names

https://www.bleepingcomputer.com/news/security/microsoft-and-crowdstrike-partner-to-link-hacking-group-names/

#cybersecurity

In nur 3 Minuten könnt ihr euer #Smartphone effektiv vor Angriffen schützen: PIN & Sperrbildschirm aktivieren, Software aktuell halten, vertrauenswürdige Apps nutzen, Schnittstellen nur bei Bedarf einschalten.

👉️ Mehr Tipps vom #BSI: https://www.bsi.bund.de/dok/386642
#Sicherheit #Cybersecurity

Australian #ransomware victims now must tell the government if they pay up

https://therecord.media/australia-ransomware-victims-must-report-payments

#Australia #cybersecurity

#Qualcomm fixes three #Adreno #GPU zero-days exploited in attacks

https://www.bleepingcomputer.com/news/security/qualcomm-fixes-three-adreno-gpu-zero-days-exploited-in-attacks/

#cybersecurity

The count-down can begin...

Our next #webinar in the series, titled ''#OpenSource for #Cybersecurity : Securing and Maintaining Europe's Open Source Dependencies'' is happening today!

We will dive into the concerns of the #security and #sustainability of open source components when developing modern #software.

More details below :

📅Tuesday, 3rd of June, 2025

⏰14:00-15:00 CEST

📍Register for the link and access code : https://europeanopensource.academy/form/webinar-open-source-and-cybersec

New #Linux Flaws Allow Password Hash Theft via Core Dumps in #Ubuntu, #RHEL, #Fedora

https://thehackernews.com/2025/05/new-linux-flaws-allow-password-hash.html

#cybersecurity #FOSS

Summer Sale: 25% Off #Cryptomator – All June Long!

https://cryptomator.org/blog/2025/06/01/summer-sale/

#cybersecurity #FOSS

Exploit details for max severity #Cisco #IOSXE flaw now public

https://www.bleepingcomputer.com/news/security/exploit-details-for-max-severity-cisco-ios-xe-flaw-now-public/

#cybersecurity

Help Wanted To Build an Open Source '#AdvancedDataProtection' For Everyone

https://it.slashdot.org/story/25/05/31/1859206/help-wanted-to-build-an-open-source-advanced-data-protection-for-everyone

#FOSS #cybersecurity #Apple #UK

☀️ Summer Sale is here!
Get 25% off Cryptomator (one-time purchase – no subscription) and 25% off Cryptomator Hub for the first year.

📅 Offer valid until June 30!

🔗 More info: https://cryptomator.org/blog/2025/06/01/summer-sale/?utm_source=mastodon&utm_medium=social&utm_campaign=summer-sale-2025

#SummerSale #Cryptomator #CyberSecurity #Privacy #CloudEncryption

Billions of cookies up for grabs as experts warn over session security

https://www.theregister.com/2025/05/29/billions_of_cookies_available/

#cybersecurity

Hackers are exploiting critical flaw in #vBulletin forum software

https://www.bleepingcomputer.com/news/security/hackers-are-exploiting-critical-flaw-in-vbulletin-forum-software/

#cybersecurity

The hottest new #VibeCoding startup may be a sitting duck for hackers

https://www.semafor.com/article/05/29/2025/the-hottest-new-vibe-coding-startup-lovable-is-a-sitting-duck-for-hackers

#cybersecurity #AI

Police takes down #AVCheck site used by cybercriminals to scan #malware

https://www.bleepingcomputer.com/news/security/police-takes-down-avcheck-antivirus-site-used-by-cybercriminals/

#cybersecurity

White House investigating how #Trump’s chief of staff’s #phone was hacked

https://techcrunch.com/2025/05/30/white-house-investigating-how-trumps-chief-of-staffs-phone-was-hacked/

#cybersecurity #politics

Why #Take9 Won’t Improve #Cybersecurity

https://www.schneier.com/blog/archives/2025/05/why-take9-wont-improve-cybersecurity.html