Category: securityweek

ZDI has uncovered 1,000 malicious .lnk files used by state-sponsored and cybercrime threat actors to execute malicious commands. The post 11 State-Sponsored APTs Exploiting LNK Files for Espionage, Data Theft appeared first on SecurityWeek. This article has been indexed from…

Read more →

Google has confirmed reports that it’s buying cloud security giant Wiz and says it’s prepared to pay $32 billion in cash. The post Google to Acquire Cloud Security Giant Wiz for $32 Billion in Cash appeared first on SecurityWeek. This…

Read more →

Cloudflare launches Cloudforce Threat Events Feed, a service designed to provide security teams with real-time threat intelligence. The post New Cloudflare Service Provides Real-Time Threat Intelligence appeared first on SecurityWeek. This article has been indexed from SecurityWeek Read the original…

Read more →

The personal information of 22,000 Western Alliance Bank customers was stolen in a data breach linked to Cl0p’s hacking of the Cleo file transfer tool. The post Western Alliance Bank Discloses Data Breach Linked to Cleo Hack appeared first on…

Read more →

A year-old vulnerability in ChatGPT is being exploited against financial entities and US government organizations. The post ChatGPT Vulnerability Exploited Against US Government Organizations appeared first on SecurityWeek. This article has been indexed from SecurityWeek Read the original article: ChatGPT…

Read more →

Exploits swirling for remote code execution vulnerability (CVE-2025-24813) in open-source Apache Tomcat web server. The post Exploit Code for Apache Tomcat RCE Vulnerability Published on Chinese Forum appeared first on SecurityWeek. This article has been indexed from SecurityWeek Read the…

Read more →

First choices for both KEMs and DSAs are already standardized, and organizations should not wait for the backups to be available before migrating to PQC.  The post NIST Announces HQC as Fifth Standardized Post Quantum Algorithm appeared first on SecurityWeek.…

Read more →

Nearly 8,000 new vulnerabilities affecting the WordPress ecosystem were reported last year, nearly all in plugins and themes. The post 8,000 New WordPress Vulnerabilities Reported in 2024 appeared first on SecurityWeek. This article has been indexed from SecurityWeek Read the…

Read more →

Threat actors are abusing Microsoft 365 infrastructure in a BEC campaign, and target its users in two brand impersonation campaigns. The post Microsoft 365 Targeted in New Phishing, Account Takeover Attacks appeared first on SecurityWeek. This article has been indexed…

Read more →

The websites of over 100 auto dealerships were found serving malicious ClickFix code in a supply chain compromise. The post 100 Car Dealerships Hit by Supply Chain Attack appeared first on SecurityWeek. This article has been indexed from SecurityWeek Read…

Read more →

Vulnerabilities in Nvidia Riva could allow hackers to abuse speech and translation AI services that are typically expensive.  The post Nvidia Riva Vulnerabilities Allow Unauthorized Use of AI Services appeared first on SecurityWeek. This article has been indexed from SecurityWeek…

Read more →

Explore industry moves and significant changes in the industry for the week of March 17, 2025. Stay updated with the latest industry trends and shifts. This article has been indexed from SecurityWeek Read the original article: Industry Moves for the…

Read more →

The tj-actions/changed-files GitHub Action, which is used in 23,000 repositories, has been targeted in a supply chain attack. The post Popular GitHub Action Targeted in Supply Chain Attack appeared first on SecurityWeek. This article has been indexed from SecurityWeek Read…

Read more →

Noteworthy stories that might have slipped under the radar: Switzerland requires disclosure of critical infrastructure attacks, ESP32 chips don’t contain a backdoor, MassJacker cryptojacking malware. The post In Other News: Swiss Breach Disclosure Rules, ESP32 Chip Backdoor Disputed, MassJacker appeared…

Read more →

The ClickFix technique has been employed by cybercrime and APT groups for information stealer and other malware deployment. The post ClickFix Widely Adopted by Cybercriminals, APT Groups appeared first on SecurityWeek. This article has been indexed from SecurityWeek Read the…

Read more →

Your guide on how to get through the conference with your sanity, energy, and key performance indicators (KPIs) intact. The post RSA Conference Playbook: Smart Strategies from Seasoned Attendees appeared first on SecurityWeek. This article has been indexed from SecurityWeek…

Read more →

The newly discovered SuperBlack ransomware has been exploiting two vulnerabilities in Fortinet firewalls. The post Recent Fortinet Vulnerabilities Exploited in ‘SuperBlack’ Ransomware Attacks appeared first on SecurityWeek. This article has been indexed from SecurityWeek Read the original article: Recent Fortinet…

Read more →

A recently disclosed Edimax zero-day vulnerability has been exploited in the wild by Mirai botnets for nearly a year. The post Unpatched Edimax Camera Flaw Exploited Since at Least May 2024 appeared first on SecurityWeek. This article has been indexed…

Read more →

Meta’s Facebook security team warns of live exploitation of a zero-day vulnerability in the open-source FreeType library.  The post FreeType Zero-Day Being Exploited in the Wild appeared first on SecurityWeek. This article has been indexed from SecurityWeek Read the original…

Read more →

Cisco has released patches for 10 vulnerabilities in IOS XR, including five denial-of-service (DoS) bugs. The post Cisco Patches 10 Vulnerabilities in IOS XR appeared first on SecurityWeek. This article has been indexed from SecurityWeek Read the original article: Cisco…

Read more →