Last month in August 2025, the Wordfence Bug Bounty Program received 438 vulnerability submissions from our growing community of security researchers working to improve the overall security posture of the WordPress ecosystem. These submissions are reviewed, triaged, and processed by…
UNC1549 Hacks 34 Devices in 11 Telecom Firms via LinkedIn Job Lures and MINIBIKE Malware
An Iran-nexus cyber espionage group known as UNC1549 has been attributed to a new campaign targeting European telecommunications companies, successfully infiltrating 34 devices across 11 organizations as part of a recruitment-themed activity on LinkedIn. Swiss cybersecurity company PRODAFT is tracking…
Summer 2025 SOC 1 report is now available with 183 services in scope
Amazon Web Services (AWS) is pleased to announce that the Summer 2025 System and Organization Controls (SOC) 1 report is now available. The report covers 183 services over the 12-month period from July 1, 2024 to June 30, 2025, giving customers…
Preemptive security predicted to constitute about half of IT security spending by 2030
The increasing use of AI will drive a demand for technology that can anticipate and neutralize threats, Gartner said in a new report. This article has been indexed from Cybersecurity Dive – Latest News Read the original article: Preemptive security…
Chinese Network Selling Thousands of Fake US and Canadian IDs
New investigation exposes a China-based ring that sold over 6,500 fake United States and Canadian IDs using well-planned covert packaging. Learn how this operation threatens national security and enables financial crime. This article has been indexed from Hackread – Latest…
EU Data Act Compliance Deadline Nears With Three Critical Takeaways
A decisive step forward in shaping the future of Europe’s digital economy has been taken by the regulation of harmonised rules for fair access to and use of data, commonly known as the EU Data Act, which has moved…
CLOUD Act Extends US Jurisdiction Over Global Cloud Data Across Microsoft, Google, and Amazon
That Frankfurt data center storing your business files or the Singapore server holding your personal photos may not be as secure from U.S. oversight as you think. If the provider is Microsoft, Amazon, Google, or another U.S.-based tech giant,…
FTC Launches Formal Investigation into AI Companion Chatbots
The Federal Trade Commission has announced a formal inquiry into companies that develop AI companion chatbots, focusing specifically on how these platforms potentially harm children and teenagers. While not currently tied to regulatory action, the investigation seeks to understand…
NIST explains how post-quantum cryptography push overlaps with existing security guidance
The agency published a document mapping its recommendations for PQC migration onto the advice in its landmark security publications. This article has been indexed from Cybersecurity Dive – Latest News Read the original article: NIST explains how post-quantum cryptography push…
How the U.S. Can Strengthen Its Cyber Defenses Against Nation-State Threats
The American power grid is not just the backbone of modern life. It’s a high-value target in our new era of geopolitical conflict. As foreign adversaries expand their cyber capabilities,… The post How the U.S. Can Strengthen Its Cyber Defenses…
SystemBC Botnet Hacked 1,500 VPS Servers Daily to Hire for DDoS Attack
The emergence of the SystemBC botnet marks a significant evolution in proxy-based criminal infrastructure. Rather than co-opt residential devices for proxying, SystemBC operators have shifted to compromising large commercial Virtual Private Servers (VPS), enabling high-volume proxy services with minimal disruption…
Researchers Uncover Link Between Belsen and ZeroSeven Cybercriminal Groups
Cybersecurity researchers have identified a potential connection between two Yemen-based cybercriminal organizations, the Belsen Group and ZeroSevenGroup, following an extensive investigation into their operational patterns and attack methodologies. The discovery comes amid growing concerns about sophisticated network intrusion campaigns targeting…
Beware of Weaponized ScreenConnect App That Delivers AsyncRAT and PowerShell RAT
The emergence of a new campaign weaponizing legitimate remote monitoring and management software has alarmed security teams worldwide. Attackers are distributing trojanized installers for ConnectWise ScreenConnect—now known as ConnectWise Control—to deliver dual payloads: the widely used AsyncRAT and a custom…
ChatGPT Tricked Into Bypassing CAPTCHA Security and Enterprise Defenses
ChatGPT agents can be manipulated into bypassing their own safety protocols to solve CAPTCHA, raising significant concerns about the robustness of both AI guardrails and widely used anti-bot systems. The SPLX findings show that through a technique known as prompt…
CISA Warns of Hackers Exploiting Ivanti Endpoint Manager Mobile Vulnerabilities to Deploy Malware
The Cybersecurity and Infrastructure Security Agency (CISA) has issued a critical warning regarding sophisticated malware campaigns targeting Ivanti Endpoint Manager Mobile (EPMM) systems. Cybercriminals are actively exploiting two critical vulnerabilities, CVE-2025-4427 and CVE-2025-4428, to deploy advanced persistent threats that enable…
Why Attackers Still Hoard Encrypted Data (and Why That Should Worry You)
Ron Zayas, CEO of Ironwall, tackles a sobering question: why do attackers keep harvesting encrypted data—and why are organizations so complacent about it? Zayas notes that it’s not just “foreign” apps scooping up information; domestic platforms often collect just as…
Fortra Releases Critical Patch for CVSS 10.0 GoAnywhere MFT Vulnerability
Fortra has disclosed details of a critical security flaw in GoAnywhere Managed File Transfer (MFT) software that could result in the execution of arbitrary commands. The vulnerability, tracked as CVE-2025-10035, carries a CVSS score of 10.0, indicating maximum severity. “A…
SystemBC Powers REM Proxy With 1,500 Daily VPS Victims Across 80 C2 Servers
A proxy network known as REM Proxy is powered by malware known as SystemBC, offering about 80% of the botnet to its users, according to new findings from the Black Lotus Labs team at Lumen Technologies. “REM Proxy is a…
Evolving AI attacks, rapid model adoption worry cyber defenders
IT defenders think many of their security tools aren’t ready for AI-powered cyberattacks, according to a new report. This article has been indexed from Cybersecurity Dive – Latest News Read the original article: Evolving AI attacks, rapid model adoption worry…
BreachLock Named Sample Vendor for PTaaS and AEV in Two New 2025 Gartner® Reports
New York, New York, 19th September 2025, CyberNewsWire This article has been indexed from Hackread – Latest Cybersecurity, Hacking News, Tech, AI & Crypto Read the original article: BreachLock Named Sample Vendor for PTaaS and AEV in Two New 2025…
Don’t Get Rekt: The NFT Security Handbook That Could Save Your Digital Fortune
Picture this: You’ve just minted what you think is the next Bored Ape, only to discover you’ve actually given a hacker permission to drain your entire wallet. Or maybe you’ve proudly displayed your new 10 ETH NFT purchase, only to…
Ding ding: Fortra rings the perfect-10 bell over latest GoAnywhere MFT bug
Outside experts say the vulnerability has probably already been exploited Budding ransomware crooks have another shot at exploiting Fortra’s GoAnywhere MFT product now that a new 10/10 severity vulnerability needs patching.… This article has been indexed from The Register –…
In Other News: 600k Hit by Healthcare Breaches, Major ShinyHunters Hacks, DeepSeek’s Coding Bias
Noteworthy stories that might have slipped under the radar: Eve Security seed funding, Claroty report, patches from WatchGuard and Nokia. The post In Other News: 600k Hit by Healthcare Breaches, Major ShinyHunters Hacks, DeepSeek’s Coding Bias appeared first on SecurityWeek.…
When Business Moves Fast, Security Gets Left Behind in M&A
Mergers and acquisitions (M&A) often unfold at breakneck speed, driven by business opportunity and shareholder expectations. But as Dave Lewis, global advisory CISO at 1Password, explains, cybersecurity risks are still too often left as an afterthought. Lewis points to a…