Latest Cybersecurity News and Articles
23 June 2025
New "Echo Chamber" attack bypasses advanced LLM safeguards by subtly manipulating conversational context, proving highly effective across leading AI models.
The post New AI Jailbreak Bypasses Guardrails With Ease appeared first on SecurityWeek.
23 June 2025
Cybersecurity researchers have uncovered a Go-based malware called XDigo that has been used in attacks targeting Eastern European governmental entities in March 2025.
The attack chains are said to have leveraged a collection of Windows shortcut (LNK) files as part of a multi-stage procedure to deploy the malware, French cybersecurity company HarfangLab said.
XDSpy is the name assigned to a cyber
23 June 2025
The time frame between the breach and the notice of affected individuals has some cyber experts concerned.
23 June 2025
Radware's recent ecommerce report found that automated bots accounted for 57% of e-commerce website traffic during the 2024 holiday season.
23 June 2025
A critical-severity vulnerability in Teleport could allow remote attackers to bypass SSH authentication and access managed systems.
The post Critical Authentication Bypass Flaw Patched in Teleport appeared first on SecurityWeek.
23 June 2025
The personal information of 743,000 individuals was compromised in a 2024 ransomware attack on McLaren Health Care.
The post 743,000 Impacted by McLaren Health Care Data Breach appeared first on SecurityWeek.
23 June 2025
It sure is a hard time to be a SOC analyst.
Every day, they are expected to solve high-consequence problems with half the data and twice the pressure. Analysts are overwhelmed—not just by threats, but by the systems and processes in place that are meant to help them respond. Tooling is fragmented. Workflows are heavy. Context lives in five places, and alerts never slow down. What started as a
23 June 2025
Google has revealed the various safety measures that are being incorporated into its generative artificial intelligence (AI) systems to mitigate emerging attack vectors like indirect prompt injections and improve the overall security posture for agentic AI systems.
"Unlike direct prompt injections, where an attacker directly inputs malicious commands into a prompt, indirect prompt injections
23 June 2025
Iranian hackers are expected to intensify cyberattacks against the US after the recent air strikes on Iran’s nuclear sites.
The post US Braces for Cyberattacks After Joining Israel-Iran War appeared first on SecurityWeek.
23 June 2025
Not every risk looks like an attack. Some problems start as small glitches, strange logs, or quiet delays that don’t seem urgent—until they are. What if your environment is already being tested, just not in ways you expected?
Some of the most dangerous moves are hidden in plain sight. It’s worth asking: what patterns are we missing, and what signals are we ignoring because they don’t match old
23 June 2025
Nucor has shared an update on the impact of the recent cyberattack and confirmed that some data has been taken from its IT systems.
The post Steelmaker Nucor Says Hackers Stole Data in Recent Attack appeared first on SecurityWeek.
21 June 2025
The April 2025 cyber attacks targeting U.K. retailers Marks & Spencer and Co-op have been classified as a "single combined cyber event."
That's according to an assessment from the Cyber Monitoring Centre (CMC), a U.K.-based independent, non-profit body set up by the insurance industry to categorize major cyber events.
"Given that one threat actor claimed responsibility for both M&S and
21 June 2025
Aflac said that it’s in the early stages of a review of the incident, and so far is unable to determine the total number of affected individuals.
The post Aflac Finds Suspicious Activity on US Network That May Impact Social Security Numbers, Other Data appeared first on SecurityWeek.
20 June 2025
The threat actors behind the Qilin ransomware-as-a-service (RaaS) scheme are now offering legal counsel for affiliates to put more pressure on victims to pay up, as the cybercrime group intensifies its activity and tries to fill the void left by its rivals.
The new feature takes the form of a "Call Lawyer" feature on the affiliate panel, per Israeli cybersecurity company Cybereason.
The
20 June 2025
As conflict rises between Israel and Iran, organizations in the United States are urged to prepare for the possibility of increased cyberattacks from Iran.
20 June 2025
Noteworthy stories that might have slipped under the radar: China’s Salt Typhoon targeted Viasat, Washington Post emails compromised in hack, Rowhammer attack named Crowhammer.
The post In Other News: Viasat Hacked by China, Washington Post Cyberattack, Crowhammer appeared first on SecurityWeek.
20 June 2025
Cloudflare has blocked yet another record-breaking DDoS attack, which delivered the equivalent of 9,000 HD movies in just 45 seconds.
The post Record-Breaking 7.3 Tbps DDoS Attack Targets Hosting Provider appeared first on SecurityWeek.
20 June 2025
Research reveals a CVSS 8.8 vulnerability, and security leaders are sharing their thoughts.
20 June 2025
Iran's state-owned TV broadcaster was hacked Wednesday night to interrupt regular programming and air videos calling for street protests against the Iranian government, according to multiple reports.
It's currently not known who is behind the attack, although Iran pointed fingers at Israel, per Iran International.
"If you experience disruptions or irrelevant messages while watching various TV
20 June 2025
The Godfather Android trojan uses on-device virtualization to hijack legitimate applications and steal users’ funds.
The post Godfather Android Trojan Creates Sandbox on Infected Devices appeared first on SecurityWeek.