Latest Cybersecurity News and Articles
24 June 2025
The United States Embassy in India has announced that applicants for F, M, and J nonimmigrant visas should make their social media accounts public.
The new guideline seeks to help officials verify the identity and eligibility of applicants under U.S. law. The U.S. Embassy said every visa application review is a "national security decision."
"Effective immediately, all individuals applying for an
24 June 2025
Cybersecurity researchers have detailed two novel methods that can be used to disrupt cryptocurrency mining botnets.
The methods take advantage of the design of various common mining topologies in order to shut down the mining process, Akamai said in a new report published today.
"We developed two techniques by leveraging the mining topologies and pool policies that enable us to reduce a
24 June 2025
Siemens is working with Microsoft to address a Defender Antivirus problem that can lead to no malware alerts or plant disruptions.
The post Siemens Notifies Customers of Microsoft Defender Antivirus Issue appeared first on SecurityWeek.
24 June 2025
Unidentified threat actors have been observed targeting publicly exposed Microsoft Exchange servers to inject malicious code into the login pages that harvest their credentials.
Positive Technologies, in a new analysis published last week, said it identified two different kinds of keylogger code written in JavaScript on the Outlook login page -
Those that save collected data to a local file
24 June 2025
Aflac discovered suspicious activity on its United States network.
24 June 2025
I had the honor of hosting the first episode of the Xposure Podcast live from Xposure Summit 2025. And I couldn’t have asked for a better kickoff panel: three cybersecurity leaders who don’t just talk security, they live it.
Let me introduce them.
Alex Delay, CISO at IDB Bank, knows what it means to defend a highly regulated environment. Ben Mead, Director of Cybersecurity at Avidity
24 June 2025
The future of secure digital engagement depends on continuous identity verification and proofing that can scale with risk.
The post Identity Is the New Perimeter: Why Proofing and Verification Are Business Imperatives appeared first on SecurityWeek.
24 June 2025
Palo Alto Networks has observed a spike in Prometei activity since March 2025, pointing to a resurgence of the botnet.
The post Prometei Botnet Activity Spikes appeared first on SecurityWeek.
24 June 2025
Misconfigured Docker instances are the target of a campaign that employs the Tor anonymity network to stealthily mine cryptocurrency in susceptible environments.
"Attackers are exploiting misconfigured Docker APIs to gain access to containerized environments, then using Tor to mask their activities while deploying crypto miners," Trend Micro researchers Sunil Bharti and Shubham Singh said in an
24 June 2025
A Chinese APT has been infecting SOHO routers with the ShortLeash backdoor to build stealthy espionage infrastructure.
The post Chinese APT Hacking Routers to Build Espionage Infrastructure appeared first on SecurityWeek.
24 June 2025
Newly discovered spyware has sneaked into Apple’s App Store and Google Play to steal images from users’ mobile devices.
The post Photo-Stealing Spyware Sneaks Into Apple App Store, Google Play appeared first on SecurityWeek.
24 June 2025
The U.S. House of Representatives has formally banned congressional staff members from using WhatsApp on government-issued devices, citing security concerns.
The development was first reported by Axios.
The decision, according to the House Chief Administrative Officer (CAO), was motivated by worries about the app's security.
"The Office of Cybersecurity has deemed WhatsApp a high-risk to users
24 June 2025
The Computer Emergency Response Team of Ukraine (CERT-UA) has warned of a new cyber attack campaign by the Russia-linked APT28 (aka UAC-0001) threat actors using Signal chat messages to deliver two new malware families dubbed BEARDSHELL and COVENANT.
BEARDSHELL, per CERT-UA, is written in C++ and offers the ability to download and execute PowerShell scripts, as well as upload the results of the
24 June 2025
Tech support scammers are using sponsored ads and search parameter injection to trick users into calling them.
The post Apple, Netflix, Microsoft Sites ‘Hacked’ for Tech Support Scams appeared first on SecurityWeek.
23 June 2025
The Canadian Centre for Cyber Security and the U.S. Federal Bureau of Investigation (FBI) have issued an advisory warning of cyber attacks mounted by the China-linked Salt Typhoon actors to breach major global telecommunications providers as part of a cyber espionage campaign.
The attackers exploited a critical Cisco IOS XE software (CVE-2023-20198, CVSS score: 10.0) to access configuration
23 June 2025
North Korean hackers employ social engineering to trick Zoom Meeting participants into executing system-takeover commands.
The post North Korean Hackers Take Over Victims’ Systems Using Zoom Meeting appeared first on SecurityWeek.
23 June 2025
A record-breaking data breach occurred, involving the exposure of 16 billion login credentials.
23 June 2025
Cybersecurity researchers are calling attention to a new jailbreaking method called Echo Chamber that could be leveraged to trick popular large language models (LLMs) into generating undesirable responses, irrespective of the safeguards put in place.
"Unlike traditional jailbreaks that rely on adversarial phrasing or character obfuscation, Echo Chamber weaponizes indirect references, semantic
23 June 2025
The United States government has warned of cyber attacks mounted by pro-Iranian groups after it launched airstrikes on Iranian nuclear sites as part of the Iran–Israel war that commenced on June 13, 2025.
Stating that the ongoing conflict has created a "heightened threat environment" in the country, the Department of Homeland Security (DHS) said in a bulletin that cyber actors are likely to
23 June 2025
Canada’s Centre for Cyber Security and the FBI warn of Chinese hackers targeting telecommunications and other companies in Canada.
The post China’s Salt Typhoon Hackers Target Canadian Telecom Firms appeared first on SecurityWeek.