Trend Micro’s Salvatore Gariuolo talks with the Black Hat USA 2025 News Desk about how the new ISO 15118 standard for electric vehicle smart charging and vehicle-to-grid communications can be weaponized by threat actors. Go to Source Author: Rob Wright
Author Archives: Onsite Computing, Inc.
UK-based telecommunications company Colt Technology Services confirms that customer documentation was stolen as Warlock ransomware gang auctions files. […] Go to Source Author: Lawrence Abrams
By using brief, plain clues in their prompts that are likely to influence the app to query older models, a user can downgrade ChatGPT for malicious ends. Go to Source Author: Nate Nelson, Contributing Writer
NCC Group’s David Brauchler III shared how foundational controls and threat modeling strategies can help secure agentic AI tools in ways traditional guardrails can’t. Go to Source Author: Alexander Culafi
New research highlights how threat actors abuse legitimate virtual private server offerings in order to spin up infrastructure cheaply, quietly, and fast. Go to Source Author: Alexander Culafi
Commvault has released updates to address four security gaps that could be exploited to achieve remote code execution on susceptible instances. The list of vulnerabilities, identified in Commvault versions before 11.36.60, is as follows – CVE-2025-57788 (CVSS score: 6.9) – A vulnerability in a known login mechanism allows unauthenticated attackers to execute API calls without […]
Europol has confirmed that a Telegram channel impersonating the agency and offering a $50,000 reward for information on two Qilin ransomware administrators is fake. The impostor later admitted it was created to troll researchers and journalists. […] Go to Source Author: Lawrence Abrams
Threat actors have been observed leveraging the deceptive social engineering tactic known as ClickFix to deploy a versatile backdoor codenamed CORNFLAKE.V3. Google-owned Mandiant described the activity, which it tracks as UNC5518, as part of an access-as-a-service scheme that employs fake CAPTCHA pages as lures to trick users into providing initial access to their systems, which […]
Teenaged security researchers Sasha Zyuzin and Ruikai Peng discuss how their new vulnerability discovery framework leverages LLMs to address limitations of the past. Go to Source Author: Alexander Culafi
Microsoft is seeking further information from customers who reported failure and data corruption issues affecting their solid-state drives (SSDs) and hard disk drives (HDDs) after installing the August 2025 security update. […] Go to Source Author: Sergiu Gatlan