Latest Cybersecurity News and Articles

---

Microsoft Offers $5 Million at Zero Day Quest Hacking Contest

Research demonstrating high-impact cloud and AI security flaws will be rewarded at Microsoft’s Zero Day Quest competition in spring 2026. The post Microsoft Offers $5 Million at Zero Day Quest Hacking Contest appeared first on SecurityWeek.

---

SonicWall Hunts for Zero-Day Amid Surge in Firewall Exploitation

Threat actors might be exploiting a zero-day vulnerability in SonicWall firewalls in a fresh wave of ransomware attacks. The post SonicWall Hunts for Zero-Day Amid Surge in Firewall Exploitation appeared first on SecurityWeek.

---

15,000 Fake TikTok Shop Domains Deliver Malware, Steal Crypto via AI-Driven Scam Campaign

Cybersecurity researchers have lifted the veil on a widespread malicious campaign that's targeting TikTok Shop users globally with an aim to steal credentials and distribute trojanized apps. "Threat actors are exploiting the official in-app e-commerce platform through a dual attack strategy that combines phishing and malware to target users," CTM360 said. "The core tactic involves a deceptive

---

SonicWall Investigating Potential SSL VPN Zero-Day After 20+ Targeted Attacks Reported

SonicWall said it's actively investigating reports to determine if there is a new zero-day vulnerability following reports of a spike in Akira ransomware actors in late July 2025. "Over the past 72 hours, there has been a notable increase in both internally and externally reported cyber incidents involving Gen 7 SonicWall firewalls where SSLVPN is enabled," the network security vendor said in a

---

Nvidia Triton Vulnerabilities Pose Big Risk to AI Models

Nvidia has patched over a dozen vulnerabilities in Triton Inference Server, including another set of vulnerabilities that threaten AI systems.  The post Nvidia Triton Vulnerabilities Pose Big Risk to AI Models appeared first on SecurityWeek.

---

NVIDIA Triton Bugs Let Unauthenticated Attackers Execute Code and Hijack AI Servers

A newly disclosed set of security flaws in NVIDIA's Triton Inference Server for Windows and Linux, an open-source platform for running artificial intelligence (AI) models at scale, could be exploited to take over susceptible servers. "When chained together, these flaws can potentially allow a remote, unauthenticated attacker to gain complete control of the server, achieving remote code execution

---

Vietnamese Hackers Use PXA Stealer, Hit 4,000 IPs and Steal 200,000 Passwords Globally

Cybersecurity researchers are calling attention to a new wave of campaigns distributing a Python-based information stealer called PXA Stealer. The malicious activity has been assessed to be the work of Vietnamese-speaking cybercriminals who monetize the stolen data through a subscription-based underground ecosystem that automates the resale and reuse via Telegram APIs, according to a joint

---

US Announces $100 Million for State, Local and Tribal Cybersecurity

CISA and FEMA announced two grants of more than $100 million for state, local, and tribal governments looking to improve cybersecurity. The post US Announces $100 Million for State, Local and Tribal Cybersecurity appeared first on SecurityWeek.

---

AI Guardrails Under Fire: Cisco’s Jailbreak Demo Exposes AI Weak Points

Cisco’s latest jailbreak method reveals just how easily sensitive data can be extracted from chatbots trained on proprietary or copyrighted content. The post AI Guardrails Under Fire: Cisco’s Jailbreak Demo Exposes AI Weak Points appeared first on SecurityWeek.

---

Sean Cairncross Confirmed by Senate as National Cyber Director

The US Senate voted to confirm Sean Cairncross as the National Cyber Director, five months after nominalization. The post Sean Cairncross Confirmed by Senate as National Cyber Director appeared first on SecurityWeek.

---

Multi-Job Hustles Expose Workers to Higher Cybersecurity Risks

Almost half of Gen Z has a side hustle, the highest percentage of any other generation. This may leave them at higher risk of cyberattacks.

---

⚡ Weekly Recap: VPN 0-Day, Encryption Backdoor, AI Malware, macOS Flaw, ATM Hack & More

Malware isn’t just trying to hide anymore—it’s trying to belong. We’re seeing code that talks like us, logs like us, even documents itself like a helpful teammate. Some threats now look more like developer tools than exploits. Others borrow trust from open-source platforms, or quietly build themselves out of AI-written snippets. It’s not just about being malicious—it’s about being believable.

---

Cybersecurity M&A Roundup: 44 Deals Announced in July 2025

Forty-four cybersecurity merger and acquisition (M&A) deals were announced in July 2025. The post Cybersecurity M&A Roundup: 44 Deals Announced in July 2025 appeared first on SecurityWeek.

---

Man-in-the-Middle Attack Prevention Guide

Some of the most devastating cyberattacks don’t rely on brute force, but instead succeed through stealth. These quiet intrusions often go unnoticed until long after the attacker has disappeared. Among the most insidious are man-in-the-middle (MITM) attacks, where criminals exploit weaknesses in communication protocols to silently position themselves between two unsuspecting parties

---

Northwest Radiologists Data Breach Impacts 350,000 Washingtonians

Northwest Radiologists says the personal information of 350,000 Washington State residents was stolen in a January 2025 data breach. The post Northwest Radiologists Data Breach Impacts 350,000 Washingtonians appeared first on SecurityWeek.

---

The Wild West of Shadow IT

Everyone’s an IT decision-maker now. The employees in your organization can install a plugin with just one click, and they don’t need to clear it with your team first. It’s great for productivity, but it’s a serious problem for your security posture. When the floodgates of SaaS and AI opened, IT didn’t just get democratized, its security got outpaced. Employees are onboarding apps faster than

---

Several Vulnerabilities Patched in AI Code Editor Cursor 

Attackers could silently modify sensitive MCP files to trigger the execution of arbitrary code without requiring user approval. The post Several Vulnerabilities Patched in AI Code Editor Cursor  appeared first on SecurityWeek.

---

Gene Sequencing Giant Illumina Settles for $9.8M Over Product Vulnerabilities

Illumina will pay $9.8 million to settle accusations that products provided to the US government were affected by cybersecurity flaws. The post Gene Sequencing Giant Illumina Settles for $9.8M Over Product Vulnerabilities appeared first on SecurityWeek.

---

PlayPraetor Android Trojan Infects 11,000+ Devices via Fake Google Play Pages and Meta Ads

Cybersecurity researchers have discovered a nascent Android remote access trojan (RAT) called PlayPraetor that has infected more than 11,000 devices, primarily across Portugal, Spain, France, Morocco, Peru, and Hong Kong. "The botnet's rapid growth, which now exceeds 2,000 new infections per week, is driven by aggressive campaigns focusing on Spanish and French speakers, indicating a strategic

---

Legal aid cyber-attack has pushed sector towards collapse, say lawyers

Barristers report going unpaid and cases being turned away amid fears firms will desert legal aid work altogetherLawyers have warned that a cyber-attack on the Legal Aid Agency has pushed the sector into chaos, with barristers going unpaid, cases being turned away and fears a growing number of firms could desert legal aid work altogether.In May, the legal aid agency announced that the personal data of hundreds of thousands of legal aid applicants in England and Wales dating back to 2010 had been accessed and downloaded in a significant cyber-attack. Continue reading...