Latest Cybersecurity News and Articles
21 March 2025
Threat hunters have uncovered a new threat actor named UAT-5918 that has been attacking critical infrastructure entities in Taiwan since at least 2023.
"UAT-5918, a threat actor believed to be motivated by establishing long-term access for information theft, uses a combination of web shells and open-sourced tooling to conduct post-compromise activities to establish persistence in victim
21 March 2025
The threat actors behind the Medusa ransomware-as-a-service (RaaS) operation have been observed using a malicious driver dubbed ABYSSWORKER as part of a bring your own vulnerable driver (BYOVD) attack designed to disable anti-malware tools.
Elastic Security Labs said it observed a Medusa ransomware attack that delivered the encryptor by means of a loader packed using a packer-as-a-service (PaaS
21 March 2025
Cato Networks discovers a new LLM jailbreak technique that relies on creating a fictional world to bypass a model’s security controls.
The post New Jailbreak Technique Uses Fictional World to Manipulate AI appeared first on SecurityWeek.
21 March 2025
The FishMonger APT group, a subdivision of Chinese cybersecurity firm I-Soon, compromised seven organizations in a 2022 campaign.
The post Chinese I-Soon Hackers Hit 7 Organizations in Operation FishMedley appeared first on SecurityWeek.
21 March 2025
Industry professionals comment on Google acquiring cloud security giant Wiz for $32 billion in cash.
The post Industry Reactions to Google Buying Wiz: Feedback Friday appeared first on SecurityWeek.
21 March 2025
The China-linked advanced persistent threat (APT) group known as Aquatic Panda has been linked to a "global espionage campaign" that took place in 2022 targeting seven organizations.
These entities include governments, Catholic charities, non-governmental organizations (NGOs), and think tanks across Taiwan, Hungary, Turkey, Thailand, France, and the United States. The activity, which took place
21 March 2025
After conducting over 10,000 automated internal network penetration tests last year, vPenTest has uncovered a troubling reality that many businesses still have critical security gaps that attackers can easily exploit.
Organizations often assume that firewalls, endpoint protection, and SIEMs are enough to keep them secure. But how effective are these defenses when put to the test? That’s where
21 March 2025
Security leaders discuss the Western Alliance Bank breach, which impacted nearly 22,000 customers.
21 March 2025
The Hellcat ransomware group claims to have stolen tens of gigabytes of data from Ascom and Jaguar Land Rover.
The post Ransomware Group Claims Attacks on Ascom, Jaguar Land Rover appeared first on SecurityWeek.
21 March 2025
Former NFL and University of Michigan assistant football coach Matt Weiss hacked into the computer accounts of thousands of college athletes seeking intimate photos and videos.
The post Former NFL, Michigan Assistant Coach Matt Weiss Charged With Hacking for Athletes’ Intimate Photos appeared first on SecurityWeek.
21 March 2025
Two known threat activity clusters codenamed Head Mare and Twelve have likely joined forces to target Russian entities, new findings from Kaspersky reveal.
"Head Mare relied heavily on tools previously associated with Twelve. Additionally, Head Mare attacks utilized command-and-control (C2) servers exclusively linked to Twelve prior to these incidents," the company said. "This suggests
21 March 2025
More details have come to light on the recent supply chain attack targeting GitHub Actions, including its root cause.
The post Impact, Root Cause of GitHub Actions Supply Chain Hack Revealed appeared first on SecurityWeek.
21 March 2025
Two now-patched security flaws impacting Cisco Smart Licensing Utility are seeing active exploitation attempts, according to SANS Internet Storm Center.
The two critical-rated vulnerabilities in question are listed below -
CVE-2024-20439 (CVSS score: 9.8) - The presence of an undocumented static user credential for an administrative account that an attacker could exploit to log in to an
20 March 2025
Analysis reveals a 140% increase in browser phishing, including a 130% increase in zero-hour phishing attacks.
The post Browser Security Under Siege: The Alarming Rise of AI-Powered Phishing appeared first on SecurityWeek.
20 March 2025
Real-time event and risk detection firm Dataminr has raised $85 million from NightDragon and HSBC to accelerate AI development.
The post Dataminr Raises $85 Million for AI-Powered Information Platform appeared first on SecurityWeek.
20 March 2025
A new LLM jailbreak technique enables the development of password-stealing malware.
20 March 2025
YouTube videos promoting game cheats are being used to deliver a previously undocumented stealer malware called Arcane, likely targeting Russian-speaking users.
"What's intriguing about this malware is how much it collects," Kaspersky said in an analysis. "It grabs account information from VPN and gaming clients, and all kinds of network utilities like ngrok, Playit, Cyberduck, FileZilla, and
20 March 2025
CISA has added an absolute path traversal bug in Nakivo Backup and Replication to its Known Exploited Vulnerabilities list.
The post CISA Warns of Exploited Nakivo Vulnerability appeared first on SecurityWeek.
20 March 2025
A Joni Mitchell song from the 1960s can teach us a lot about securing hybrid and multi-cloud environments.
The post Through the Lens of Music: What Cybersecurity Can Learn From Joni Mitchell appeared first on SecurityWeek.
20 March 2025
Veeam has released security updates to address a critical security flaw impacting its Backup & Replication software that could lead to remote code execution.
The vulnerability, tracked as CVE-2025-23120, carries a CVSS score of 9.9 out of 10.0. It affects 12.3.0.310 and all earlier version 12 builds.
"A vulnerability allowing remote code execution (RCE) by authenticated domain users," the