Latest Cybersecurity News and Articles
20 November 2025
SolarWinds Serv-U is affected by vulnerabilities that can be exploited for remote code execution.
The post SolarWinds Patches Three Critical Serv-U Vulnerabilities appeared first on SecurityWeek.
19 November 2025
Threat actors are leveraging bogus installers masquerading as popular software to trick users into installing malware as part of a global malvertising campaign dubbed TamperedChef.
The end goal of the attacks is to establish persistence and deliver JavaScript malware that facilitates remote access and control, per a new report from Acronis Threat Research Unit (TRU). The campaign, per the
19 November 2025
The move to acquire Chronosphere is the latest of several acquisitions in recent years and follows a massive $25 billion deal to acquire CyberArk.
The post Palo Alto Networks to Acquire Observability Platform Chronosphere in $3.35 Billion Deal appeared first on SecurityWeek.
19 November 2025
Amazon threat intelligence experts have documented two cases in which Iran leveraged hacking to prepare for kinetic attacks.
The post Amazon Details Iran’s Cyber-Enabled Kinetic Attacks Linking Digital Spying to Physical Strikes appeared first on SecurityWeek.
19 November 2025
The cybersecurity company has launched Digital Security Teammate (DST), AI agents that investigate, triage, and escalate incidents when needed.
The post Secure.com Raises $4.5 Million for Agentic Security appeared first on SecurityWeek.
19 November 2025
A recently disclosed security flaw impacting 7-Zip has come under active exploitation in the wild, according to an advisory issued by the U.K. NHS England Digital on Tuesday.
The vulnerability in question is CVE-2025-11001 (CVSS score: 7.0), which allows remote attackers to execute arbitrary code. It has been addressed in 7-Zip version 25.00 released in July 2025.
"The specific flaw exists
19 November 2025
Cybersecurity researchers have disclosed details of a new campaign that leverages a combination of social engineering and WhatsApp hijacking to distribute a Delphi-based banking trojan named Eternidade Stealer as part of attacks targeting users in Brazil.
"It uses Internet Message Access Protocol (IMAP) to dynamically retrieve command-and-control (C2) addresses, allowing the threat actor to
19 November 2025
On Tuesday, November 18, Cloudflare experienced an outage that led to several websites being slow to load or completely unavailable. The outage affected programs such as ChatGPT, X, and local government websites.
19 November 2025
An intermittent outage at Cloudflare on Tuesday briefly knocked many of the Internet's top destinations offline. Some affected Cloudflare customers were able to pivot away from the platform temporarily so that visitors could still access their websites. But security experts say doing so may have also triggered an impromptu network penetration test for organizations that have come to rely on Cloudflare to block many types of abusive and malicious traffic.
19 November 2025
The cybersecurity startup will use the funds to expand its engineering team, extend collaborations, and get ready for enterprise rollout.
The post Mate Emerges From Stealth Mode With $15.5 Million in Seed Funding appeared first on SecurityWeek.
19 November 2025
This week in cybersecurity from the editors at Cybercrime Magazine. Sausalito, Calif. – Nov. 19, 2025 – Read the full story from Mastercard. New survey highlights urgent need for safe retail practices during this year’s holiday season. In a recent article from the Mastercard Newsroom, the company
The post Mastercard’s Hacker Warning: Beware of Deals, Discounts, & Data Thieves appeared first on Cybercrime Magazine.
19 November 2025
Threat actors are exploiting a two-year-old vulnerability in the Ray AI framework in a fresh campaign that hit numerous clusters, Oligo reports. Maintained by Anyscale, Ray is an open source framework for scaling Python-based AI and ML applications. Ray clusters can be deployed into the cloud to scale workloads, and should be secured and isolated […]
The post Two-Year-Old Ray AI Framework Flaw Exploited in Ongoing Campaign appeared first on SecurityWeek.
19 November 2025
A newly discovered campaign has compromised tens of thousands of outdated or end-of-life (EoL) ASUS routers worldwide, predominantly in Taiwan, the U.S., and Russia, to rope them into a massive network.
The router hijacking activity has been codenamed Operation WrtHug by SecurityScorecard's STRIKE team. Southeast Asia and European countries are some of the other regions where infections have
19 November 2025
AI has given cybercriminals the ability to operate like Fortune‑500‑scale marketing departments—except their product is account takeover, data theft, and identity fraud.
The post AI Is Supercharging Phishing: Here’s How to Fight Back appeared first on SecurityWeek.
19 November 2025
The challenge facing security leaders is monumental: Securing environments where failure is not an option. Reliance on traditional security postures, such as Endpoint Detection and Response (EDR) to chase threats after they have already entered the network, is fundamentally risky and contributes significantly to the half-trillion-dollar annual cost of cybercrime.
Zero Trust fundamentally shifts
19 November 2025
Microsoft said the DDoS attack was aimed at an endpoint in Australia and reached 15.72 Tbps and 3.64 Bpps.
The post Largest Azure DDoS Attack Powered by Aisuru Botnet appeared first on SecurityWeek.
19 November 2025
The threat actor known as PlushDaemon has been observed using a previously undocumented Go-based network backdoor codenamed EdgeStepper to facilitate adversary-in-the-middle (AitM) attacks.
EdgeStepper "redirects all DNS queries to an external, malicious hijacking node, effectively rerouting the traffic from legitimate infrastructure used for software updates to attacker-controlled infrastructure
19 November 2025
Malicious actors can exploit default configurations in ServiceNow's Now Assist generative artificial intelligence (AI) platform and leverage its agentic capabilities to conduct prompt injection attacks.
The second-order prompt injection, according to AppOmni, makes use of Now Assist's agent-to-agent discovery to execute unauthorized actions, enabling attackers to copy and exfiltrate sensitive
19 November 2025
An OS command injection flaw, the exploited zero-day allows attackers to execute arbitrary code on the underlying system.
The post Fortinet Discloses Second Exploited FortiWeb Zero-Day in a Week appeared first on SecurityWeek.
19 November 2025
Microsoft announced new security capabilities for Defender, Sentinel, Copilot, Intune, Purview, and Entra.
The post Microsoft Unveils Security Enhancements for Identity, Defense, Compliance appeared first on SecurityWeek.