Latest Cybersecurity News and Articles


US Lifts Sanctions Against Crypto Mixer Tornado Cash

24 March 2025
The US Department of the Treasury has removed sanctions against the fully decentralized cryptocurrency mixer service Tornado Cash. The post US Lifts Sanctions Against Crypto Mixer Tornado Cash appeared first on SecurityWeek.

FCC Probes Whether Banned Chinese Telecom Providers Still Operating in US

24 March 2025
The FCC is investigating whether Chinese firms such as Huawei, ZTE and China Telecom are still operating in the US. The post FCC Probes Whether Banned Chinese Telecom Providers Still Operating in US appeared first on SecurityWeek.

82% of all phishing emails utilized AI

24 March 2025
A report found that there has been a 57.9% increase in attacks being sent from compromised accounts getting through traditional detection.

56% of security teams say AI is crucial to daily operations

24 March 2025
A report by Seemplicity found that 86% of security teams are using AI in their security stacks and 56% say AI is now crucial to their daily operations.

Medusa Ransomware Uses Malicious Driver to Disable Security Tools

24 March 2025
The Medusa ransomware relies on a malicious Windows driver to disable the security tools running on the infected systems. The post Medusa Ransomware Uses Malicious Driver to Disable Security Tools appeared first on SecurityWeek.

⚡ THN Weekly Recap: GitHub Supply Chain Attack, AI Malware, BYOVD Tactics, and More

24 March 2025
A quiet tweak in a popular open-source tool opened the door to a supply chain breach—what started as a targeted attack quickly spiraled, exposing secrets across countless projects. That wasn’t the only stealth move. A new all-in-one malware is silently stealing passwords, crypto, and control—while hiding in plain sight. And over 300 Android apps joined the chaos, running ad

VSCode Marketplace Removes Two Extensions Deploying Early-Stage Ransomware

24 March 2025
Cybersecurity researchers have uncovered two malicious extensions in the Visual Studio Code (VSCode) Marketplace that are designed to deploy ransomware that's under development to its users. The extensions, named "ahban.shiba" and "ahban.cychelloworld," have since been taken down by the marketplace maintainers. Both the extensions, per ReversingLabs, incorporate code that's designed to invoke a

How to Balance Password Security Against User Experience

24 March 2025
If given the choice, most users are likely to favor a seamless experience over complex security measures, as they don’t prioritize strong password security. However, balancing security and usability doesn’t have to be a zero-sum game. By implementing the right best practices and tools, you can strike a balance between robust password security and a frictionless user experience (UX). This article

NetSfere Launches Quantum-Resilient Messaging Platform for Enterprise and Government Use

24 March 2025
NetSfere integrates ML-KEM and AES into its text, voice and video messaging platform to meet 2027 NSA Quantum Security mandates. The post NetSfere Launches Quantum-Resilient Messaging Platform for Enterprise and Government Use appeared first on SecurityWeek.

Albabat Ransomware Expands Targets, Abuses GitHub

24 March 2025
New versions of the Albabat ransomware target Windows, Linux, and macOS, and retrieve configuration files from GitHub. The post Albabat Ransomware Expands Targets, Abuses GitHub appeared first on SecurityWeek.

Industry Moves for the week of March 24, 2025 - SecurityWeek

24 March 2025
Explore industry moves and significant changes in the industry for the week of March 24, 2025. Stay updated with the latest industry trends and shifts.

Critical Next.js Vulnerability Allows Attackers to Bypass Middleware Authorization Checks

24 March 2025
A critical security flaw has been disclosed in the Next.js React framework that could be potentially exploited to bypass authorization checks under certain conditions. The vulnerability, tracked as CVE-2025-29927, carries a CVSS score of 9.1 out of 10.0. "Next.js uses an internal header x-middleware-subrequest to prevent recursive requests from triggering infinite loops," Next.js said in an

Encrypted Messaging Apps Promise Privacy. Government Transparency Is Often the Price

24 March 2025
Public officials and private citizens are consistently warned about hacking and data leaks, but technologies designed to increase privacy often decrease government transparency. The post Encrypted Messaging Apps Promise Privacy. Government Transparency Is Often the Price appeared first on SecurityWeek.

GitHub Supply Chain Breach: Coinbase Attack Exposes 218 Repositories, Leaks CI/CD Secrets

23 March 2025
The supply chain attack involving the GitHub Action "tj-actions/changed-files" started as a highly-targeted attack against one of Coinbase's open-source projects, before evolving into something more widespread in scope. "The payload was focused on exploiting the public CI/CD flow of one of their open source projects – agentkit, probably with the purpose of leveraging it for further compromises,"

U.S. Treasury Lifts Tornado Cash Sanctions Amid North Korea Money Laundering Probe

22 March 2025
The U.S. Treasury Department has announced that it's removing sanctions against Tornado Cash, a cryptocurrency mixer service that has been accused of aiding the North Korea-linked Lazarus Group to launder their ill-gotten proceeds. "Based on the Administration's review of the novel legal and policy issues raised by use of financial sanctions against financial and commercial activity occurring

Arrests in Tap-to-Pay Scheme Powered by Phishing

21 March 2025
Authorities in at least two U.S. states last week independently announced arrests of Chinese nationals accused of perpetrating a novel form of tap-to-pay fraud using mobile devices. Details released by authorities so far indicate the mobile wallets being used by the scammers were created through online phishing scams, and that the accused were relying on a custom Android app to relay tap-to-pay transactions from mobile devices located in China.

In Other News: Critical Chrome Bug, Capital One Hacker Resentencing, Story of Expat Flaw

21 March 2025
Noteworthy stories that might have slipped under the radar: Capital One hacker’s sentence reversed, Google patches critical Chrome vulnerability, the story of an Expat flaw. The post In Other News: Critical Chrome Bug, Capital One Hacker Resentencing, Story of Expat Flaw appeared first on SecurityWeek.

Ransomware Group Claims Attack on Virginia Attorney General’s Office

21 March 2025
The Cloak ransomware group has claimed responsibility for a February cyberattack on the Virginia Attorney General’s Office. The post Ransomware Group Claims Attack on Virginia Attorney General’s Office appeared first on SecurityWeek.

UAT-5918 Targets Taiwan's Critical Infrastructure Using Web Shells and Open-Source Tools

21 March 2025
Threat hunters have uncovered a new threat actor named UAT-5918 that has been attacking critical infrastructure entities in Taiwan since at least 2023. "UAT-5918, a threat actor believed to be motivated by establishing long-term access for information theft, uses a combination of web shells and open-sourced tooling to conduct post-compromise activities to establish persistence in victim

Medusa Ransomware Uses Malicious Driver to Disable Anti-Malware with Stolen Certificates

21 March 2025
The threat actors behind the Medusa ransomware-as-a-service (RaaS) operation have been observed using a malicious driver dubbed ABYSSWORKER as part of a bring your own vulnerable driver (BYOVD) attack designed to disable anti-malware tools. Elastic Security Labs said it observed a Medusa ransomware attack that delivered the encryptor by means of a loader packed using a packer-as-a-service (PaaS