Latest Cybersecurity News and Articles
12 March 2025
US officials have not determined who was behind an apparent cyberattack on the social media site X that limited access to the platform for thousands of users.
The post US Hasn’t Determined Who Was Behind Cyberattack That Caused Outage on Musk’s X appeared first on SecurityWeek.
12 March 2025
We’ve been hearing the same story for years: AI is coming for your job. In fact, in 2017, McKinsey printed a report, Jobs Lost, Jobs Gained: Workforce Transitions in a Time of Automation, predicting that by 2030, 375 million workers would need to find new jobs or risk being displaced by AI and automation. Queue the anxiety.
There have been ongoing whispers about what roles would be
12 March 2025
Microsoft on Tuesday released security updates to address 57 security vulnerabilities in its software, including a whopping six zero-days that it said have been actively exploited in the wild.
Of the 56 flaws, six are rated Critical, 50 are rated Important, and one is rated Low in severity. Twenty-three of the addressed vulnerabilities are remote code execution bugs and 22 relate to privilege
12 March 2025
Industrial giants Siemens and Schneider Electric have released March 2025 Patch Tuesday ICS security advisories.
The post ICS Patch Tuesday: Advisories Published by CISA, Schneider Electric, Siemens appeared first on SecurityWeek.
12 March 2025
X experienced a cyberattack that caused widespread technical issues across the network.
12 March 2025
Apple on Tuesday released a security update to address a zero-day flaw that it said has been exploited in "extremely sophisticated" attacks.
The vulnerability has been assigned the CVE identifier CVE-2025-24201 and is rooted in the WebKit web browser engine component.
It has been described as an out-of-bounds write issue that could allow an attacker to craft malicious web content such that it
11 March 2025
Kela admits that its evidence for a connection between Belsen and ZeroSevenGroup is largely circumstantial, primarily based on styles.
The post Are Threat Groups Belsen and ZeroSevenGroup Related? appeared first on SecurityWeek.
11 March 2025
Microsoft today issued more than 50 security updates for its various Windows operating systems, including fixes for a whopping six zero-day vulnerabilities that are already seeing active exploitation.
11 March 2025
Apple warns that the WebKIt bug "may have been exploited in an extremely sophisticated attack against specific targeted individuals.”
The post Apple Ships iOS 18.3.2 to Fix Already-Exploited WebKit Flaw appeared first on SecurityWeek.
11 March 2025
Redmond ships major security updates with warnings that a half-dozen Windows vulnerabilities have already been exploited in the wild.
The post Patch Tuesday: Microsoft Patches 57 Flaws, Flags Six Active Zero-Days appeared first on SecurityWeek.
11 March 2025
Adobe documents 35 security flaws in a wide range of products, including code-execution issues in the Acrobat and Reader applications.
The post Patch Tuesday: Critical Code-Execution Bugs in Acrobat and Reader appeared first on SecurityWeek.
11 March 2025
Report from the Department for Science, Innovation & Technology (DSIT) finds weaknesses in current practices.
The post UK Government Report Calls for Stronger Open Source Supply Chain Security Practices appeared first on SecurityWeek.
11 March 2025
Cato Networks has analyzed a new IoT botnet named Ballista, which targets TP-Link Archer routers.
The post New Ballista IoT Botnet Linked to Italian Threat Actor appeared first on SecurityWeek.
11 March 2025
Authorities in India today arrested the alleged co-founder of Garantex, a cryptocurrency exchange sanctioned by the U.S. government in 2022 for facilitating tens of billions of dollars in money laundering by transnational criminal and cybercriminal organizations. Sources close to the investigation told KrebsOnSecurity the Lithuanian national Aleksej Besciokov, 46, was apprehended while vacationing on the coast of India with his family.
11 March 2025
88% of security teams are reaching or exceeding performance goals, even with limited staff and greater workloads.
11 March 2025
The threat actor known as Blind Eagle has been linked to a series of ongoing campaigns targeting Colombian institutions and government entities since November 2024.
"The monitored campaigns targeted Colombian judicial institutions and other government or private organizations, with high infection rates," Check Point said in a new analysis.
"More than 1,600 victims were affected during one of
11 March 2025
The New York Attorney General sued National General and its parent company Allstate over two data breaches.
The post New York Sues Insurance Giant Over Data Breaches appeared first on SecurityWeek.
11 March 2025
SAP released 21 new security notes and updated three security notes on March 2025 security patch day.
The post SAP Patches High-Severity Vulnerabilities in Commerce, NetWeaver appeared first on SecurityWeek.
11 March 2025
Edimax is aware that CVE-2025-1316 has been exploited in the wild, but the impacted devices were discontinued over a decade ago.
The post Edimax Says No Patches Coming for Zero-Day Exploited by Botnets appeared first on SecurityWeek.
11 March 2025
Unpatched TP-Link Archer routers have become the target of a new botnet campaign dubbed Ballista, according to new findings from the Cato CTRL team.
"The botnet exploits a remote code execution (RCE) vulnerability in TP-Link Archer routers (CVE-2023-1389) to spread itself automatically over the Internet," security researchers Ofek Vardi and Matan Mittelman said in a technical report shared with