Latest Cybersecurity News and Articles

---

New Eleven11bot DDoS Botnet Powered by 80,000 Hacked Devices

The Eleven11bot botnet has been described as one of the largest known DDoS botnets observed in recent years.  The post New Eleven11bot DDoS Botnet Powered by 80,000 Hacked Devices appeared first on SecurityWeek.

---

Seven Malicious Go Packages Found Deploying Malware on Linux and macOS Systems

Cybersecurity researchers are alerting of an ongoing malicious campaign targeting the Go ecosystem with typosquatted modules that are designed to deploy loader malware on Linux and Apple macOS systems. "The threat actor has published at least seven packages impersonating widely used Go libraries, including one (github[.]com/shallowmulti/hypert) that appears to target financial-sector developers

---

Cyber operations against Russia halted, cyber leaders remain alert

How will organizations be impacted by the order to halt cyber operations against Russia? Cybersecurity leaders share their thoughts. 

---

Organizations Still Not Patching OT Due to Disruption Concerns: Survey

Cyber-physical systems security company TXOne Networks has published its 2024 Annual OT/ICS Cybersecurity Report. The post Organizations Still Not Patching OT Due to Disruption Concerns: Survey appeared first on SecurityWeek.

---

ICS/OT Security Budgets Increasing, but Critical Areas Underfunded: Report

The SANS Institute and OPSWAT have published their 2025 ICS/OT Cybersecurity Budget Report. The post ICS/OT Security Budgets Increasing, but Critical Areas Underfunded: Report appeared first on SecurityWeek.

---

78% of CISOs are experiencing impact from from AI cyber threats

A report discusses the shifting role of AI in cybersecurity. 

---

Researchers Link CACTUS Ransomware Tactics to Former Black Basta Affiliates

Threat actors deploying the Black Basta and CACTUS ransomware families have been found to rely on the same BackConnect (BC) module for maintaining persistent control over infected hosts, a sign that affiliates previously associated with Black Basta may have transitioned to CACTUS. "Once infiltrated, it grants attackers a wide range of remote control capabilities, allowing them to execute

---

Intel TDX Connect Bridges the CPU-GPU Security Gap

AI is all about data – and keeping AI’s data confidential both within devices and between devices is problematic. Intel offers a solution. The post Intel TDX Connect Bridges the CPU-GPU Security Gap appeared first on SecurityWeek.

---

AI Asset Inventories: The Only Way to Stay on Top of a Lightning-fast Landscape

Unauthorized AI usage is a ticking time bomb. A tool that wasn’t considered a risk yesterday may introduce new AI-powered features overnight. The post AI Asset Inventories: The Only Way to Stay on Top of a Lightning-fast Landscape appeared first on SecurityWeek.

---

36% of organizations have outlined roles within cybersecurity teams

A recent report fund that 93% of organizations made policy changes over the preceding 12 months to address concerns about personal liability for CISOs.

---

Aryon Security Debuts With Platform to Prevent Cloud Misconfigurations

Misconfigurations are the cause of most cloud breaches. Aryon is on a mission to prevent them. The post Aryon Security Debuts With Platform to Prevent Cloud Misconfigurations appeared first on SecurityWeek.

---

VMware Security Flaws Exploited in the Wild—Broadcom Releases Urgent Patches

Broadcom has released security updates to address three actively exploited security flaws in VMware ESXi, Workstation, and Fusion products that could lead to code execution and information disclosure. The list of vulnerabilities is as follows - CVE-2025-22224 (CVSS score: 9.3) - A Time-of-Check Time-of-Use (TOCTOU) vulnerability that leads to an out-of-bounds write, which a malicious actor with

---

Polish Space Agency Hit by Cyberattack

The Polish space agency POLSA says it has disconnected its network from the internet to contain a cyberattack. The post Polish Space Agency Hit by Cyberattack appeared first on SecurityWeek.

---

Jamf to Acquire Identity Automation for $215 Million

Apple device management firm Jamf has entered into an agreement to acquire IAM platform Identity Automation. The post Jamf to Acquire Identity Automation for $215 Million appeared first on SecurityWeek.

---

96% of ransomware incidents involve data exfiltration

Malicious actors are shifting priorities, as 96% of ransomware incidents involve data exfiltration. 

---

Vulnerabilities Patched in Qualcomm, Mediatek Chipsets

Chip makers Qualcomm and Mediatek have released patches for many vulnerabilities across their products. The post Vulnerabilities Patched in Qualcomm, Mediatek Chipsets appeared first on SecurityWeek.

---

Broadcom Patches 3 VMware Zero-Days Exploited in the Wild

Broadcom patched VMware zero-days CVE-2025-22224, CVE-2025-22225 and CVE-2025-22226 after Microsoft warned it of exploitation. The post Broadcom Patches 3 VMware Zero-Days Exploited in the Wild appeared first on SecurityWeek.

---

Google Patches Pair of Exploited Vulnerabilities in Android

Android’s March 2025 security update addresses over 40 vulnerabilities, including two actively exploited in the wild. The post Google Patches Pair of Exploited Vulnerabilities in Android appeared first on SecurityWeek.

---

How New AI Agents Will Transform Credential Stuffing Attacks

Credential stuffing attacks had a huge impact in 2024, fueled by a vicious circle of infostealer infections and data breaches. But things could be about to get worse still with Computer-Using Agents, a new kind of AI agent that enables low-cost, low-effort automation of common web tasks — including those frequently performed by attackers. Stolen credentials: The cyber criminal’s weapon of choice

---

Exploitation Long Known for Most of CISA’s Latest KEV Additions

Exploitation has been known for months or years for most of the latest vulnerabilities added by CISA to its KEV catalog. The post Exploitation Long Known for Most of CISA’s Latest KEV Additions appeared first on SecurityWeek.