ChatGPT Security Issue Enabled Data Theft via Single Prompt
OpenAI has patched vulnerability, which Check Point said was because of a DNS loophole
Yasna brings together recent headlines from selected sources and makes them easier to sort with tags, filters, and search.
Search across headline titles and summaries.
Weekly headline count for the current query.
OpenAI has patched vulnerability, which Check Point said was because of a DNS loophole
Flaws Let Attackers Run Commands and Steal API Keys Before Trust PromptCheck Point research found three critical flaws in Anthropic's Claude Code that allow attackers to execute arbitrary commands and steal API keys through repository configuration files, before users see a trust prompt. The AI giant has patched all three vulnerabilities.
Check Point helps exorcise vast 'Ghost Network' that used fake tutorials to push infostealers Google has taken down thousands of YouTube videos that were quietly spreading password-stealing malware disguised as cracked software and game cheats.…
The recently disclosed critical Microsoft SharePoint vulnerability has been under exploitation as early as July 7, 2025, according to findings from Check Point Research
Also: Gootloader Malware, GCHQ Intern Pleads Guilty, Check Point Breach UpdateThis week, a "Fast Flux" warning, Gootloader malware, an GCHQ intern pleaded guilty to stealing top secret data and Check Point undercuts hacking claim. Also, Google rolled out end-to-end encryption for some Gmail users, Apple backported patches and Dutch prosecutors cut internet access.
Hackers Claim on BreachForums to Have Stolen 'Highly Sensitive' DataIsraeli cybersecurity firm Check Point rejected Monday a hackers' assertion that he stole "highly sensitive" information offered for sale on an online marketplace for illicit data. The incident "doesn’t pose and risk or has any security implications to our customers or employees."
Chinese hackers are infiltrating the networks of suppliers of “sensitive” manufacturers, according to a Check Point report to be published in the coming weeks
Check Point Research has found over 10 million stolen credentials associated with EMEA organizations exposed on cybercrime markets
Cybersecurity researchers have shed light on a nascent artificial intelligence (AI) assisted ransomware family called FunkSec that sprang forth in late 2024, and has claimed more than 85 victims to date
Cybersecurity researchers have uncovered a new, stealthier version of a macOS-focused information-stealing malware called Banshee Stealer
Cybersecurity researchers have discovered a malicious Android app on the Google Play Store that enabled the threat actors behind it to steal approximately $70,000 in cryptocurrency from victims over a period of nearly five months
The government-backed crew also enjoys ransomware as a side hustle Iranian government-backed cybercriminals have been hacking into US and foreign networks as recently as this month to steal sensitive data and deploy ransomware, and they're breaking in via vulnerable VPN and firewall devices from Check Point, Citrix, Palo Alto Networks and other manufacturers, according to Uncle Sam.…
Threat actors have been exploiting a high-severity Check Point Remote Access VPN zero-day since at least April 30, stealing Active Directory data needed to move laterally through the victims' networks in successful attacks. [...]
A new custom backdoor dubbed Stealth Soldier has been deployed as part of a set of highly-targeted espionage attacks in North Africa
Check Point uncovers web vulnerability that could have led to cryptocurrency theft A flaw detected in the browser version of the Ever Surf cryptocurrency wallet could have given hackers who exploited it full control over a targeted user's wallet, say threat hunters at Check Point Research.…
A security vulnerability has been disclosed in the web version of the Ever Surf wallet that, if successfully weaponized, could allow an attacker to gain full control over a victim's wallet
Cybersecurity researchers have disclosed a now-fixed security flaw in the Rarible non-fungible token (NFT) marketplace that, if successfully exploited, could have led to account takeover and theft of cryptocurrency assets