CISA orders feds to patch Zimbra XSS flaw exploited in attacks

CISA has ordered U.S. government agencies to secure their servers against an actively exploited vulnerability in the Zimbra Collaboration Suite (ZCS).

Why Your AI Girlfriend is a Privacy Time Bomb: 150M Users at Risk

The post Why Your AI Girlfriend is a Privacy Time Bomb: 150M Users at Risk appeared first on Android Headlines.
The Hacker News

CISA Warns of Zimbra, SharePoint Flaw Exploits; Cisco Zero-Day Hit in Ransomware Attacks

Interlock exploits CVE-2026-20131 zero-day since Jan 26, enabling root access on Cisco FMC, increasing ransomware risks.

Understanding the Basics of JSON Validation and Cleaning for Robust Applications

This article delves into the essential process of validating and cleaning JSON data, ensuring proper structure, data types, and adherence to predefined schemas for robust applications.
SecurityWeek

Russian APT Exploits Zimbra Vulnerability Against Ukraine

Russia-linked APT28 has exploited a high-severity XSS vulnerability in Zimbra in attacks against Ukrainian entities.
Biometric Update

Aura breach and AI companion app flaws sharpen privacy fears

A new security report on AI companion apps is drawing attention because it arrives as an identity protection company is dealing with a data exposure incident.
The Caledonian-Record

Surf AI Launches with $57 Million in Funding to Help Enterprises Operationalize Security

Surf AI, the agentic operations platform for modern security teams, today announced its launch and $57 million in funding to accelerate the development of its AI-native security execution offerings.
pharmaphorum

Fresh blow to UK life sciences as MSD abandons £1bn project

MSD is scrapping a £1 billion ($1.35 billion) expansion of its UK operations – including a facility already under construction in London – saying the country does not value innovative medicines. The ...