Category: securityweek

Eight days before patches, a threat actor exploited CVE-2025-10035 as a zero-day to create a backdoor admin account. The post Recent Fortra GoAnywhere MFT Vulnerability Exploited as Zero-Day appeared first on SecurityWeek. This article has been indexed from SecurityWeek Read…

Read more →

Leading to remote code execution and privilege escalation, the flaws were exploited on Cisco ASA 5500-X series devices that lack secure boot. The post Cisco Firewall Zero-Days Exploited in China-Linked ArcaneDoor Attacks appeared first on SecurityWeek. This article has been…

Read more →

Prompt injection has been leveraged alongside an expired domain to steal Salesforce data in an attack named ForcedLeak. The post Salesforce AI Hack Enabled CRM Data Theft appeared first on SecurityWeek. This article has been indexed from SecurityWeek Read the…

Read more →

Threat actors impersonating PyPI ask users to verify their email for security purposes, directing them to fake websites. The post PyPI Warns Users of Fresh Phishing Campaign appeared first on SecurityWeek. This article has been indexed from SecurityWeek Read the…

Read more →

The aerospace and defense giant has disclosed the cyberattack in a filing with the SEC. The post RTX Confirms Airport Services Hit by Ransomware appeared first on SecurityWeek. This article has been indexed from SecurityWeek Read the original article: RTX…

Read more →

RedNovember has been targeting government, defense and aerospace, and legal services organizations worldwide. The post Chinese Cyberspies Hacked US Defense Contractors appeared first on SecurityWeek. This article has been indexed from SecurityWeek Read the original article: Chinese Cyberspies Hacked US…

Read more →

Bringing politics into professional spaces undermines decision-making, collaboration, and ultimately weakens security teams. The post Perspective: Why Politics in the Workplace is a Cybersecurity Risk appeared first on SecurityWeek. This article has been indexed from SecurityWeek Read the original article:…

Read more →

New framework from the Cloud Security Alliance helps SaaS customers navigate the shared responsibility model with confidence. The post CSA Unveils SaaS Security Controls Framework to Ease Complexity appeared first on SecurityWeek. This article has been indexed from SecurityWeek Read…

Read more →

Google’s Threat Intelligence Group and Mandiant have shared findings on a recent BrickStorm campaign linked to UNC5221. The post Chinese Spies Lurked in Networks for 393 Days, Hunted for Zero-Day Intel appeared first on SecurityWeek. This article has been indexed…

Read more →

The Miljödata data breach has impacted numerous organizations, education institutions, and Swedish municipalities. The post Volvo Group Employee Data Stolen in Ransomware Attack appeared first on SecurityWeek. This article has been indexed from SecurityWeek Read the original article: Volvo Group…

Read more →

The security defect allows remote attackers with administrative privileges to execute arbitrary code as the root user. The post Cisco Patches Zero-Day Flaw Affecting Routers and Switches appeared first on SecurityWeek. This article has been indexed from SecurityWeek Read the…

Read more →

Boyd Gaming has informed the SEC about a data breach affecting the information of employees and other individuals. The post Hackers Target Casino Operator Boyd Gaming appeared first on SecurityWeek. This article has been indexed from SecurityWeek Read the original…

Read more →

Cybersecurity researchers believe the attack on Collins Aerospace involved a piece of ransomware known as HardBit. The post European Airport Cyberattack Linked to Obscure Ransomware, Suspect Arrested appeared first on SecurityWeek. This article has been indexed from SecurityWeek Read the…

Read more →

The hackers remained undetected for three weeks, deploying China Chopper, remote access scripts, and reconnaissance tools. The post GeoServer Flaw Exploited in US Federal Agency Hack appeared first on SecurityWeek. This article has been indexed from SecurityWeek Read the original…

Read more →

GitHub will implement local publishing with mandatory 2FA, granular tokens that expire after seven days, and trusted publishing. The post GitHub Boosting Security in Response to NPM Supply Chain Attacks  appeared first on SecurityWeek. This article has been indexed from…

Read more →

The attack was aimed at a European network infrastructure company and it has been linked to the Aisuru botnet. The post Record-Breaking DDoS Attack Peaks at 22 Tbps and 10 Bpps appeared first on SecurityWeek. This article has been indexed…

Read more →

The software update includes additional file checks and helps users remove the known rootkit deployed in a recent campaign. The post SonicWall Updates SMA 100 Appliances to Remove Overstep Malware appeared first on SecurityWeek. This article has been indexed from…

Read more →

Tracked as CVE-2025-59689, the command injection bug could be triggered via malicious emails containing crafted compressed attachments. The post Libraesva Email Security Gateway Vulnerability Exploited by Nation-State Hackers appeared first on SecurityWeek. This article has been indexed from SecurityWeek Read…

Read more →

JLR extended the pause in production “to give clarity for the coming week as we build the timeline for the phased restart of our operations and continue our investigation.” The post Jaguar Land Rover Says Shutdown Will Continue Until at…

Read more →

More than 300 servers and 100,000 SIM cards designed to mimic cellphones and overwhelm networks. The post A Massive Telecom Threat Was Stopped Right As World Leaders Gathered at UN Headquarters in New York appeared first on SecurityWeek. This article…

Read more →