Latest Cybersecurity News and Articles
18 September 2025
The company sent a new preferences file to less than 5% of customers, urging them to import it into firewalls and reset their passwords.
The post SonicWall Prompts Password Resets After Hackers Obtain Firewall Configurations appeared first on SecurityWeek.
18 September 2025
The BianLian ransomware group took credit for the cyberattack on the healthcare organization in January 2025.
The post Nearly 250,000 Impacted by Data Breach at Medical Associates of Brevard appeared first on SecurityWeek.
18 September 2025
The top-performing venture fund heavily invests in startups building cybersecurity, AI, and enterprise software.
The post Israeli Cyber Fund Glilot Capital Raises $500 Million appeared first on SecurityWeek.
18 September 2025
An exploited type confusion in the V8 JavaScript engine tracked as CVE-2025-10585 was found by Google Threat Analysis Group this week.
The post Chrome 140 Update Patches Sixth Zero-Day of 2025 appeared first on SecurityWeek.
18 September 2025
Venture capital firm Insight Partners says the data breach disclosed in February 2025 impacts over 12,000 people.
The post Insight Partners Confirms Data Breach Result of Ransomware Attack appeared first on SecurityWeek.
18 September 2025
Google on Wednesday released security updates for the Chrome web browser to address four vulnerabilities, including one that it said has been exploited in the wild.
The zero-day vulnerability in question is CVE-2025-10585, which has been described as a type confusion issue in the V8 JavaScript and WebAssembly engine.
Type confusion vulnerabilities can have severe consequences as they can be
17 September 2025
The threat actor known as TA558 has been attributed to a fresh set of attacks delivering various remote access trojans (RATs) like Venom RAT to breach hotels in Brazil and Spanish-speaking markets.
Russian cybersecurity vendor Kaspersky is tracking the activity, observed in summer 2025, to a cluster it tracks as RevengeHotels.
"The threat actors continue to employ phishing emails with invoice
17 September 2025
SecurityWeek's Attack Surface Management Virtual Summit is now LIVE and runs today from 11AM – 4PM ET.
The post Virtual Event Today: Attack Surface Management Summit appeared first on SecurityWeek.
17 September 2025
Irregular is testing the cybersecurity capabilities of AI models, including Anthropic’s Claude and OpenAI’s ChatGPT.
The post Irregular Raises $80 Million for AI Security Testing Lab appeared first on SecurityWeek.
17 September 2025
RegScale has raised a total of more than $50 million, with the latest investment being used to enhance its platform and expand.
The post RegScale Raises $30 Million for GRC Platform appeared first on SecurityWeek.
17 September 2025
The campaign targeted US government, think tank, and academic entities involved in US-China relations, international trade, and economic policy.
The post Details Emerge on Chinese Hacking Operation Impersonating US Lawmaker appeared first on SecurityWeek.
17 September 2025
A China-aligned threat actor known as TA415 has been attributed to spear-phishing campaigns targeting the U.S. government, think tanks, and academic organizations utilizing U.S.-China economic-themed lures.
"In this activity, the group masqueraded as the current Chair of the Select Committee on Strategic Competition between the United States and the Chinese Communist Party (CCP), as well as the
17 September 2025
Conor Fitzpatrick, who pleaded guilty in July 2023, was sentenced last year to time served and supervised release.
The post BreachForums Owner Sent to Prison in Resentencing appeared first on SecurityWeek.
17 September 2025
The startup provides an authentication stack that secures both incoming authentication and outgoing agent actions.
The post Scalekit Raises $5.5 Million to Secure AI Agent Authentication appeared first on SecurityWeek.
17 September 2025
At least 15 ransomware gangs have announced retirement, but security leaders aren’t convinced.
17 September 2025
Quantum computing and AI working together will bring incredible opportunities. Together, the technologies will help us extend innovation further and faster than ever before. But, imagine the flip side, waking up to news that hackers have used a quantum computer to crack your company's encryption overnight, exposing your most sensitive data, rendering much of it untrustworthy.
And with your
17 September 2025
NetRise has identified 20 device models from six vendors that are still vulnerable to Pixie Dust attacks.
The post Decade-Old Pixie Dust Wi-Fi Hack Still Impacts Many Devices appeared first on SecurityWeek.
17 September 2025
Generative AI has gone from a curiosity to a cornerstone of enterprise productivity in just a few short years. From copilots embedded in office suites to dedicated large language model (LLM) platforms, employees now rely on these tools to code, analyze, draft, and decide. But for CISOs and security architects, the very speed of adoption has created a paradox: the more powerful the tools, the
17 September 2025
The packages were injected with malicious code to harvest secrets, dump them to a public repository, and make private repositories public.
The post Shai-Hulud Supply Chain Attack: Worm Used to Steal Secrets, 180+ NPM Packages Hit appeared first on SecurityWeek.
17 September 2025
Cybersecurity researchers have tied a fresh round of cyber attacks targeting financial services to the notorious cybercrime group known as Scattered Spider, casting doubt on their claims of going "dark."
Threat intelligence firm ReliaQuest said it has observed indications that the threat actor has shifted their focus to the financial sector. This is supported by an increase in lookalike domains