Latest Cybersecurity News and Articles
06 November 2025
Hyundai AutoEver America was hacked in February and the attackers managed to steal SSNs and other personal data.
The post Automotive IT Firm Hyundai AutoEver Discloses Data Breach appeared first on SecurityWeek.
06 November 2025
Bitdefender has once again been recognized as a Representative Vendor in the Gartner® Market Guide for Managed Detection and Response (MDR) — marking the fourth consecutive year of inclusion. According to Gartner, more than 600 providers globally claim to deliver MDR services, yet only a select few meet the criteria to appear in the Market Guide. While inclusion is not a ranking or comparative
06 November 2025
The flaws allow attackers to execute arbitrary code remotely and elevate their privileges to root on an affected system.
The post Cisco Patches Critical Vulnerabilities in Contact Center Appliance appeared first on SecurityWeek.
06 November 2025
The threat actor stole the firewall configuration files of all SonicWall customers who used the cloud backup service.
The post State-Sponsored Hackers Stole SonicWall Cloud Backups in Recent Attack appeared first on SecurityWeek.
06 November 2025
The threat actor known as Curly COMrades has been observed exploiting virtualization technologies as a way to bypass security solutions and execute custom malware.
According to a new report from Bitdefender, the adversary is said to have enabled the Hyper-V role on selected victim systems to deploy a minimalistic, Alpine Linux-based virtual machine.
"This hidden environment, with its lightweight
06 November 2025
SonicWall has formally implicated state-sponsored threat actors as behind the September security breach that led to the unauthorized exposure of firewall configuration backup files.
"The malicious activity – carried out by a state-sponsored threat actor - was isolated to the unauthorized access of cloud backup files from a specific cloud environment using an API call," the company said in a
05 November 2025
For the past week, domains associated with the massive Aisuru botnet have repeatedly usurped Amazon, Apple, Google and Microsoft in Cloudflare's public ranking of the most frequently requested websites. Cloudflare responded by redacting Aisuru domain names from their top websites list. The chief executive at Cloudflare says Aisuru's overlords are using the botnet to boost their malicious domain rankings, while simultaneously attacking the company's domain name system (DNS) service.
05 November 2025
Google on Wednesday said it discovered an unknown threat actor using an experimental Visual Basic Script (VB Script) malware dubbed PROMPTFLUX that interacts with its Gemini artificial intelligence (AI) model API to write its own source code for improved obfuscation and evasion.
"PROMPTFLUX is written in VBScript and interacts with Gemini's API to request specific VBScript obfuscation and
05 November 2025
Google has released a report describing the novel ways in which malware has been using AI to adapt and evade detection.
The post Malware Now Uses AI During Execution to Mutate and Collect Data, Google Warns appeared first on SecurityWeek.
05 November 2025
Get practical strategies to help minimize your risk exposure, including the need for identity threat detection and mitigation.
The post Webinar Today: Scattered Spider Exposed – Critical Takeaways for Cyber Defenders appeared first on SecurityWeek.
05 November 2025
Cybersecurity researchers have disclosed a new set of vulnerabilities impacting OpenAI's ChatGPT artificial intelligence (AI) chatbot that could be exploited by an attacker to steal personal information from users' memories and chat histories without their knowledge.
The seven vulnerabilities and attack techniques, according to Tenable, were found in OpenAI's GPT-4o and GPT-5 models. OpenAI has
05 November 2025
This week in cybersecurity from the editors at Cybercrime Magazine Sausalito, Calif. – Nov. 5, 2025 – Read the full story from Royal Bank of Canada According to Cybersecurity Ventures, cybercrime damage costs are predicted to exceed $10 trillion USD in 2025, making it the world’s
The post Royal Bank Of Canada’s CISO On The ‘Cyber Poverty Line’: Plan For The Worst appeared first on Cybercrime Magazine.
05 November 2025
The company plans to advance its identity exposure management capabilities and pursue M&A opportunities.
The post Flare Raises $30 Million for Threat Exposure Management Platform appeared first on SecurityWeek.
05 November 2025
Armis recently surpassed $300 million in annual recurring revenue as it prepares for an IPO.
The post Armis Raises $435 Million in Pre-IPO Funding Round at $6.1 Billion Valuation appeared first on SecurityWeek.
05 November 2025
Malanta collects and analyzes digital breadcrumbs that attackers leave behind and then forecasts how and when they will be weaponized.
The post Malanta Emerges from Stealth with $10 Million Seed Funding appeared first on SecurityWeek.
05 November 2025
Leveraging AI, ConductorOne’s platform secures and manages millions of human, non-human, and AI identities.
The post ConductorOne Raises $79 Million in Series B Funding appeared first on SecurityWeek.
05 November 2025
Raise your hand if you’ve heard the myth, “Android isn’t secure.”
Android phones, such as the Samsung Galaxy, unlock new ways of working. But, as an IT admin, you may worry about the security—after all, work data is critical.
However, outdated concerns can hold your business back from unlocking its full potential. The truth is, with work happening everywhere, every device connected to your
05 November 2025
The critical vulnerability allows attackers to read arbitrary emails, including password reset messages.
The post Exploited ‘Post SMTP’ Plugin Flaw Exposes WordPress Sites to Takeover appeared first on SecurityWeek.
05 November 2025
The funding will fuel the development of Daylight’s security operations platform and the launch of new protection modules.
The post Daylight Raises $33 Million for AI-Powered MDR Platform appeared first on SecurityWeek.
05 November 2025
The Japanese media giant says compromised Slack credentials were used to steal employee and business partner information.
The post Nikkei Says 17,000 Impacted by Data Breach Stemming From Slack Account Hack appeared first on SecurityWeek.