Cyber Security – Page 28 – Simply Secure Group

Fortinet Security Update Patch for Multiple Vulnerabilities That Enable Malicious Command Execution

Fortinet released a sweeping security advisory on March 10, 2026, addressing eleven vulnerabilities across its core enterprise products, including FortiManager, FortiAnalyzer, FortiSwitchAXFixed, and FortiSandbox. The flaws range from authentication bypasses and buffer overflows to OS command injection and SQL injection, several of which could allow remote attackers to execute arbitrary commands or escalate privileges on […]

Kali Linux Enhances AI-driven Penetration Testing with Local Ollama, 5ire, and MCP Kali Server

Kali Linux AI-driven Penetration Testing The Kali Linux team has published a new entry in its growing LLM-driven security series, this time eliminating all reliance on third-party cloud services by running large language models entirely on local hardware. The guide demonstrates how security professionals can use natural language to drive penetration testing tools, all processed […]

Signed Malware Masquerading as Teams, Zoom Apps Drops RMM Backdoors

A newly uncovered phishing campaign is actively targeting enterprise users by disguising malware as widely used workplace applications, including Microsoft Teams, Zoom, and Adobe Acrobat Reader. What makes this threat stand out is that the malicious files carry legitimate-looking digital signatures, making them harder for everyday users and even basic security tools to flag. The […]

Hackers Use Fake CleanMyMac Site to Deploy SHub Stealer and Hijack Crypto Wallets

A convincing fake website posing as the popular Mac utility CleanMyMac is actively pushing dangerous macOS malware called SHub Stealer onto unsuspecting users. The site, hosted at cleanmymacos[.]org, has no connection to the real CleanMyMac software or its developers, MacPaw. Once inside a system, SHub Stealer harvests saved passwords, browser data, Apple Keychain contents, cryptocurrency […]

WiFi Signals Reveal Human Activities Through Walls by Mapping Body Keypoints

A new open-source edge AI system called π RuView is turning ordinary WiFi infrastructure into a through-wall human-sensing platform detecting body pose, vital signs, and movement patterns without a single camera, raising urgent security and surveillance concerns. Researchers and developers have long theorized that ambient radio signals could be weaponized for passive surveillance. That theory […]

Hackers Allegedly Selling Exploit for Windows Remote Desktop Services 0-Day Flaw

A threat actor is allegedly selling a zero-day exploit for a Windows Remote Desktop Services privilege escalation vulnerability, tracked as CVE-2026-21533, for a staggering $220,000 on a dark web forum. This highly priced exploit targets improper privilege management to grant attackers local administrative control. The underground cybersecurity community has observed a new high-stakes listing on […]

Critical Zero-Click Command Injection in AVideo Platform Allows Stream Hijacking

Zero-Click Command Injection AVideo Platform Allows Stream Hijacking A critical vulnerability in AVideo, a widely used open-source video hosting and streaming platform. Tracked as CVE-2026-29058, this zero-click flaw carries a maximum severity rating, allowing unauthenticated attackers to execute arbitrary operating system commands on the targeted server. Discovered by security researcher Arkmarta, the vulnerability specifically affects […]

Cognizant TriZetto Data Breach Exposes Health Information of 3.4 Million Patients

Cognizant TriZetto Data Breach TriZetto Provider Solutions, a healthcare technology subsidiary of the IT services giant Cognizant, has officially disclosed a massive cybersecurity data breach affecting the sensitive health information of 3,433,965 patients. The healthcare organization recently filed a formal data breach notification revealing that malicious threat actors successfully compromised their external systems. This extensive […]

OpenAI Launches Codex Security that Discover, Validate and Patch Vulnerabilities

OpenAI Launches Codex Security OpenAI has announced the launch of Codex Security, an application security agent engineered to autonomously identify, validate, and remediate complex vulnerabilities within enterprise and open-source codebases. Formerly known as Aardvark, the tool leverages frontier AI models to provide context-aware security assessments, aiming to replace noisy static analysis tools that inundate security […]

New ClickFix Attack leverages Windows Terminal for Payload Execution

Cybersecurity researchers have uncovered a new wave of ClickFix attacks that now exploit Windows Terminal to deliver malicious payloads directly onto victim machines. Unlike earlier iterations of this social engineering technique, which relied on the Windows Run dialog, this latest campaign leads users into opening a privileged command environment themselves, making it harder to detect […]

Cookie	Duration	Description
cookielawinfo-checkbox-analytics	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Analytics".
cookielawinfo-checkbox-functional	11 months	The cookie is set by GDPR cookie consent to record the user consent for the cookies in the category "Functional".
cookielawinfo-checkbox-necessary	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookies is used to store the user consent for the cookies in the category "Necessary".
cookielawinfo-checkbox-others	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Other.
cookielawinfo-checkbox-performance	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Performance".
viewed_cookie_policy	11 months	The cookie is set by the GDPR Cookie Consent plugin and is used to store whether or not user has consented to the use of cookies. It does not store any personal data.