Tag: securityweek

Shadowserver has started seeing exploitation attempts aimed at a CrushFTP vulnerability tracked as CVE-2025-2825 and CVE-2025-31161. The post CrushFTP Blames Security Firms for Fast Exploitation of Vulnerability appeared first on SecurityWeek. This article has been indexed from SecurityWeek Read the…

Read more →

Check Point has responded to a hacker’s claims of sensitive data theft, confirming an incident but saying that it had limited impact. The post Check Point Responds to Hacking Claims appeared first on SecurityWeek. This article has been indexed from…

Read more →

Apple has released a hefty round of security updates for its desktop and mobile products, patching two recent zero-days in older iPhone models. The post Apple Patches Recent Zero-Days in Older iPhones appeared first on SecurityWeek. This article has been…

Read more →

Sucuri has discovered multiple malware families deployed in the WordPress mu-plugins directory to evade routine security checks. The post Threat Actors Deploy WordPress Malware in ‘mu-plugins’ Directory appeared first on SecurityWeek. This article has been indexed from SecurityWeek Read the…

Read more →

A strong security program will sometimes require substantial organizational and cultural changes around security practices, and inevitably, a higher cost. The post Zero to Hero – A “Measured” Approach to Building a World-Class Offensive Security Program appeared first on SecurityWeek.…

Read more →

Hacker leaks 270,000 customer tickets allegedly stolen from Samsung Germany using long-compromised credentials. The post Hacker Leaks Samsung Customer Data appeared first on SecurityWeek. This article has been indexed from SecurityWeek Read the original article: Hacker Leaks Samsung Customer Data

Read more →

The European Commission plans on investing €1.3 billion ($1.4 billion) in cybersecurity, artificial intelligence and digital skills.  The post Part of EU’s New €1.3 Billion Investment Going to Cybersecurity appeared first on SecurityWeek. This article has been indexed from SecurityWeek…

Read more →

The newly identified Android banking trojan Crocodilus takes over devices, enabling overlay attacks, remote control, and keylogging. The post ‘Crocodilus’ Android Banking Trojan Allows Device Takeover, Data Theft appeared first on SecurityWeek. This article has been indexed from SecurityWeek Read…

Read more →

An email security incident at Chord Specialty Dental Partners, a US dental service organization, has impacted more than 170,000 people.  The post 170,000 Impacted by Data Breach at Chord Specialty Dental Partners appeared first on SecurityWeek. This article has been…

Read more →

Explore industry moves and significant changes in the industry for the week of March 31, 2025. Stay updated with the latest industry trends and shifts. This article has been indexed from SecurityWeek Read the original article: Industry Moves for the…

Read more →

CISA has published its analysis of Resurge, a SpawnChimera malware variant used in attacks targeting a recent Ivanti Connect Secure zero-day. The post CISA Analyzes Malware Used in Ivanti Connect Secure Zero-Day Attacks appeared first on SecurityWeek. This article has…

Read more →

Analysis found that 99% of healthcare organizations are vulnerable to publicly available exploits. The post Critical Condition: Legacy Medical Devices Remain Easy Targets for Ransomware appeared first on SecurityWeek. This article has been indexed from SecurityWeek Read the original article:…

Read more →

Nearly a dozen crypto packages on NPM, including one published 9 years ago, have been hijacked to deliver infostealers. The post 9-Year-Old NPM Crypto Package Hijacked for Information Theft appeared first on SecurityWeek. This article has been indexed from SecurityWeek…

Read more →

Noteworthy stories that might have slipped under the radar: Key members of Hellcat ransomware group identified, controversy around CrushFTP flaw CVE, NYU website hacked and defaced. The post In Other News: Hellcat Hackers Unmasked, CrushFTP Bug Controversy, NYU Hacked appeared…

Read more →

HTTPS certificate issuance now requires Multi-Perspective Issuance Corroboration and linting to improve validation. The post New Issuance Requirements Improve HTTPS Certificate Validation appeared first on SecurityWeek. This article has been indexed from SecurityWeek Read the original article: New Issuance Requirements…

Read more →

A threat actor tracked as Morphing Meerkat abuses DNS mail exchange (MX) records to deliver spoofed login pages. The post Morphing Meerkat Phishing Kits Target Over 100 Brands appeared first on SecurityWeek. This article has been indexed from SecurityWeek Read…

Read more →

The Grandoreiro banking trojan has reemerged in new campaigns targeting users in Latin America and Europe. The post Fresh Grandoreiro Banking Trojan Campaigns Target Latin America, Europe appeared first on SecurityWeek. This article has been indexed from SecurityWeek Read the…

Read more →

Splunk patches high-severity remote code execution and information disclosure flaws in Splunk Enterprise and Secure Gateway App. The post Splunk Patches Dozens of Vulnerabilities appeared first on SecurityWeek. This article has been indexed from SecurityWeek Read the original article: Splunk…

Read more →

Russian-speaking espionage group RedCurl has been deploying ransomware on victims’ networks in a recent campaign. The post Russian Espionage Group Using Ransomware in Attacks appeared first on SecurityWeek. This article has been indexed from SecurityWeek Read the original article: Russian…

Read more →

The UK ICO has fined Advanced Computer Software Group £3 million ($3.8 million) over a 2022 data breach resulting from a ransomware attack. The post UK Software Firm Fined £3 Million Over Ransomware-Caused Data Breach  appeared first on SecurityWeek. This…

Read more →