Category: securityweek

CISA has added two recent SysAid vulnerabilities, CVE-2025-2776 and CVE-2025-2775, to its KEV catalog. The post CISA Warns of SysAid Vulnerability Exploitation appeared first on SecurityWeek. This article has been indexed from SecurityWeek Read the original article: CISA Warns of…

Read more →

Microsoft says the Chinese threat actors Linen Typhoon, Violet Typhoon, and Storm-2603 have been exploiting the ToolShell zero-days. The post Microsoft Says Chinese APTs Exploited ToolShell Zero-Days Weeks Before Patch appeared first on SecurityWeek. This article has been indexed from…

Read more →

Once a manageable function, security operations has become a battlefield of complexity. The post Reclaiming Control: How Enterprises Can Fix Broken Security Operations appeared first on SecurityWeek. This article has been indexed from SecurityWeek Read the original article: Reclaiming Control:…

Read more →

Dell confirms the compromise of a demo environment containing synthetic data after hackers leak allegedly stolen information. The post Dell Says Data Leaked by Hackers Is Fake appeared first on SecurityWeek. This article has been indexed from SecurityWeek Read the…

Read more →

Several potentially serious vulnerabilities were recently found and patched in routers made by Germany-based industrial and automation solutions provider Helmholz. The existence of the security holes came to light last week, when Germany’s CERT@VDE published an advisory describing eight vulnerabilities…

Read more →

AI-powered cybersecurity company Darktrace has acquired network traffic visibility provider Mira Security. The post Darktrace Acquires Mira Security appeared first on SecurityWeek. This article has been indexed from SecurityWeek Read the original article: Darktrace Acquires Mira Security

Read more →

Dior says hackers accessed personal information in a January 2025 intrusion. No payment information was compromised. The post Dior Says Personal Information Stolen in Cyberattack appeared first on SecurityWeek. This article has been indexed from SecurityWeek Read the original article:…

Read more →

The UK government has sanctioned three Russian APTs and 18 individuals for their involvement in cyber operations against Ukraine, NATO allies, and EU. The post UK Sanctions Russian Hackers Tied to Assassination Attempts appeared first on SecurityWeek. This article has…

Read more →

More details emerged on the ToolShell zero-day attacks targeting SharePoint servers, but confusion remains over the vulnerabilities. The post ToolShell Zero-Day Attacks on SharePoint: First Wave Linked to China, Hit High-Value Targets appeared first on SecurityWeek. This article has been…

Read more →

Iranian APT MuddyWater has been using new versions of the DCHSpy Android surveillance tool since the beginning of the conflict with Israel. The post Iranian APT Targets Android Users With New Variants of DCHSpy Spyware appeared first on SecurityWeek. This…

Read more →

Cierant Corporation and Zumpano Patricios independently disclosed data breaches, each impacting more than 200,000 individuals. The post Marketing, Law Firms Say Data Breaches Impact Over 200,000 People appeared first on SecurityWeek. This article has been indexed from SecurityWeek Read the…

Read more →

A surveillance company was caught using an SS7 bypass technique to trick wireless carriers into divulging users’ locations. The post Surveillance Firm Bypasses SS7 Protections to Retrieve User Location appeared first on SecurityWeek. This article has been indexed from SecurityWeek…

Read more →

Microsoft has started releasing updates to fix the exploited SharePoint zero-days tracked as CVE-2025-53770 and CVE-2025-53771. The post Microsoft Patches ‘ToolShell’ Zero-Days Exploited to Hack SharePoint Servers appeared first on SecurityWeek. This article has been indexed from SecurityWeek Read the…

Read more →

The Alcohol & Drug Testing Service (TADTS) says personal information was stolen in a July 2024 ransomware attack. The post 750,000 Impacted by Data Breach at The Alcohol & Drug Testing Service appeared first on SecurityWeek. This article has been…

Read more →

Hackers are exploiting a zero-day vulnerability in CrushFTP to gain administrative privileges on vulnerable servers via HTTPS. The post Exploited CrushFTP Zero-Day Provides Admin Access to Servers appeared first on SecurityWeek. This article has been indexed from SecurityWeek Read the…

Read more →

Enterprises running SharePoint servers should not wait for a fix for CVE-2025-53770 and should commence threat hunting to search for compromise immediately. The post SharePoint Under Attack: Microsoft Warns of Zero-Day Exploited in the Wild – No Patch Available appeared…

Read more →

Noteworthy stories that might have slipped under the radar: powerful US law firm hacked by China, Symantec product flaw, $10,000 Meta AI hack, cryptocurrency thieves bypassing FIDO keys.  The post In Other News: Law Firm Hacked by China, Symantec Flaw,…

Read more →

AI-native email security firm StrongestLayer has emerged from stealth mode with $5.2 million in seed funding. The post Email Protection Startup StrongestLayer Emerges From Stealth Mode appeared first on SecurityWeek. This article has been indexed from SecurityWeek Read the original…

Read more →

Google has filed a lawsuit against the Badbox 2.0 botnet operators, after identifying over 10 million infected Android devices. The post Google Sues Operators of 10-Million-Device Badbox 2.0 Botnet appeared first on SecurityWeek. This article has been indexed from SecurityWeek…

Read more →

The CitrixBleed 2 vulnerability in NetScaler may expose organizations to compromise even if patches have been applied. The post CitrixBleed 2: 100 Organizations Hacked, Thousands of Instances Still Vulnerable appeared first on SecurityWeek. This article has been indexed from SecurityWeek…

Read more →