Latest Cybersecurity News and Articles


CL-STA-0969 Installs Covert Malware in Telecom Networks During 10-Month Espionage Campaign

02 August 2025
Telecommunications organizations in Southeast Asia have been targeted by a state-sponsored threat actor known as CL-STA-0969 to facilitate remote control over compromised networks. Palo Alto Networks Unit 42 said it observed multiple incidents in the region, including one aimed at critical telecommunications infrastructure between February and November 2024. The attacks are characterized by the

New ‘Plague’ PAM Backdoor Exposes Critical Linux Systems to Silent Credential Theft

02 August 2025
Cybersecurity researchers have flagged a previously undocumented Linux backdoor dubbed Plague that has managed to evade detection for a year. "The implant is built as a malicious PAM (Pluggable Authentication Module), enabling attackers to silently bypass system authentication and gain persistent SSH access," Nextron Systems researcher Pierre-Henri Pezier said. Pluggable Authentication Modules

Akira Ransomware Exploits SonicWall VPNs in Likely Zero-Day Attack on Fully-Patched Devices

02 August 2025
SonicWall SSL VPN devices have become the target of Akira ransomware attacks as part of a newfound surge in activity observed in late July 2025. "In the intrusions reviewed, multiple pre-ransomware intrusions were observed within a short period of time, each involving VPN access through SonicWall SSL VPNs," Arctic Wolf Labs researcher Julian Tuin said in a report. The cybersecurity company

Gen Z in the Crosshairs: Cybercriminals Shift Focus to Young, Digital-Savvy Workers

01 August 2025
Should Gen Z be treated as a separate attack surface within your company? The post Gen Z in the Crosshairs: Cybercriminals Shift Focus to Young, Digital-Savvy Workers appeared first on SecurityWeek.

54% of Organizations in UK and Ireland Lack Cloud Cost Visibility

01 August 2025
A majority of organizations (54%) do not have complete visibility into cloud spend.

Cursor AI Code Editor Fixed Flaw Allowing Attackers to Run Commands via Prompt Injection

01 August 2025
Cybersecurity researchers have disclosed a now-patched, high-severity security flaw in Cursor, a popular artificial intelligence (AI) code editor, that could result in remote code execution. The vulnerability, tracked as CVE-2025-54135 (CVSS score: 8.6), has been addressed in version 1.3 released on July 29, 2025. It has been codenamed CurXecute by Aim Labs, which previously disclosed EchoLeak.

In Other News: Microsoft Probes ToolShell Leak, Port Cybersecurity, Raspberry Pi ATM Hack

01 August 2025
Noteworthy stories that might have slipped under the radar: Microsoft investigates whether the ToolShell exploit was leaked via MAPP, two reports on port cybersecurity, physical backdoor used for ATM hacking attempt. The post In Other News: Microsoft Probes ToolShell Leak, Port Cybersecurity, Raspberry Pi ATM Hack appeared first on SecurityWeek.

Attackers Use Fake OAuth Apps with Tycoon Kit to Breach Microsoft 365 Accounts

01 August 2025
Cybersecurity researchers have detailed a new cluster of activity where threat actors are impersonating enterprises with fake Microsoft OAuth applications to facilitate credential harvesting as part of account takeover attacks. "The fake Microsoft 365 applications impersonate various companies, including RingCentral, SharePoint, Adobe, and Docusign," Proofpoint said in a Thursday report. The

Is There Value in Being a Certified Ethical Hacker? Research Says Yes

01 August 2025
A new report provides a comprehensive look at the value of Certified Ethical Hacker (CEH) credentials. 

Microsoft Boosts .NET Bounty Program Rewards to $40,000

01 August 2025
Valid, complete reports detailing remote code execution or elevation of privilege bugs in .NET qualify for the maximum rewards. The post Microsoft Boosts .NET Bounty Program Rewards to $40,000 appeared first on SecurityWeek.

Russian Cyberspies Target Foreign Embassies in Moscow via AitM Attacks: Microsoft

01 August 2025
Russian state-sponsored APT Secret Blizzard has used ISP-level AitM attacks to infect diplomatic devices with malware. The post Russian Cyberspies Target Foreign Embassies in Moscow via AitM Attacks: Microsoft appeared first on SecurityWeek.

AI-Generated Malicious npm Package Drains Solana Funds from 1,500+ Before Takedown

01 August 2025
Cybersecurity researchers have flagged a malicious npm package that was generated using artificial intelligence (AI) and concealed a cryptocurrency wallet drainer. The package, @kodane/patch-manager, claims to offer "advanced license validation and registry optimization utilities for high-performance Node.js applications." It was uploaded to npm by a user named "Kodane" on July 28, 2025. The

You Are What You Eat: Why Your AI Security Tools Are Only as Strong as the Data You Feed Them

01 August 2025
Just as triathletes know that peak performance requires more than expensive gear, cybersecurity teams are discovering that AI success depends less on the tools they deploy and more on the data that powers them. The junk food problem in cybersecurity: Imagine a triathlete who spares no expense on equipment—carbon fiber bikes, hydrodynamic wetsuits, precision GPS watches—but fuels their

Cyber Risk Management Firm Safe Raises $70 Million

01 August 2025
Safe has raised $70 million in Series C funding to advance cyber risk management through specialized AI agents. The post Cyber Risk Management Firm Safe Raises $70 Million appeared first on SecurityWeek.

Echo Raises $15M in Seed Funding for Vulnerability-Free Container Images

01 August 2025
Echo received funding for creating thousands of container images that are not affected by any CVE, for enterprise-grade software infrastructure. The post Echo Raises $15M in Seed Funding for Vulnerability-Free Container Images appeared first on SecurityWeek.

Storm-2603 Deploys DNS-Controlled Backdoor in Warlock and LockBit Ransomware Attacks

01 August 2025
The threat actor linked to the exploitation of the recently disclosed security flaws in Microsoft SharePoint Server is using a bespoke command-and-control (C2) framework called AK47 C2 (also spelled ak47c2) in its operations. The framework includes at least two different types of clients, HTTP-based and Domain Name System (DNS)-based, which have been dubbed AK47HTTP and AK47DNS, respectively, by

Bill Aims to Create National Strategy for Quantum Cybersecurity Migration

01 August 2025
Two US senators introduced a bipartisan bill to help prepare federal government agencies for quantum computing threats. The post Bill Aims to Create National Strategy for Quantum Cybersecurity Migration appeared first on SecurityWeek.

$1 Million Offered for WhatsApp Exploit at Pwn2Own Ireland 2025

01 August 2025
Meta is sponsoring ZDI’s Pwn2Own hacking competition, where participants can earn big prizes for smartphone, WhatsApp and wearable device exploits. The post $1 Million Offered for WhatsApp Exploit at Pwn2Own Ireland 2025 appeared first on SecurityWeek.

Scattered Spider’s Newest Targets: Transportation and Airlines

01 August 2025
Scattered Spider is evolving tactics and targeting new sectors. 

Secret Blizzard Deploys Malware in ISP-Level AitM Attacks on Moscow Embassies

31 July 2025
The Russian nation-state threat actor known as Secret Blizzard has been observed orchestrating a new cyber espionage campaign targeting foreign embassies located in Moscow by means of an adversary-in-the-middle (AitM) attack at the Internet Service Provider (ISP) level and delivering a custom malware dubbed ApolloShadow. "ApolloShadow has the capability to install a trusted root certificate to