Latest Cybersecurity News and Articles
31 July 2025
Cybersecurity researchers have disclosed details of a new phishing campaign that conceals malicious payloads by abusing link wrapping services from Proofpoint and Intermedia to bypass defenses.
"Link wrapping is designed by vendors like Proofpoint to protect users by routing all clicked URLs through a scanning service, allowing them to block known malicious destinations at the moment of click,"
31 July 2025
Noma Security has announced a Series B funding round that will enable the company’s growth and expansion of its AI agent security solutions.
The post Noma Security Raises $100 Million for AI Security Platform appeared first on SecurityWeek.
31 July 2025
Chinese military and cyber researchers are intensifying efforts to counter Elon Musk’s Starlink satellite network, viewing it as a potential tool for U.S. military power across nuclear, space, and cyber domains.
The post Chinese Researchers Suggest Lasers and Sabotage to Counter Musk’s Starlink Satellites appeared first on SecurityWeek.
31 July 2025
Reach Security has received a $10 million strategic investment from M12 to advance its domain-specific AI approach for exposure management.
The post Reach Security Raises $10 Million for Exposure Management Solution appeared first on SecurityWeek.
31 July 2025
The tool includes resources to help organizations during the containment and eviction stages of incident response.
The post Open Source CISA Tool Helps Defenders With Hacker Containment, Eviction appeared first on SecurityWeek.
31 July 2025
The North Korea-linked threat actor known as UNC4899 has been attributed to attacks targeting two different organizations by approaching their employees via LinkedIn and Telegram.
"Under the guise of freelance opportunities for software development work, UNC4899 leveraged social engineering techniques to successfully convince the targeted employees to execute malicious Docker containers in their
31 July 2025
Why context, behavioral baselines, and multi-source visibility are the new pillars of identity security in a world where credentials alone no longer cut it.
The post Who’s Really Behind the Mask? Combatting Identity Fraud appeared first on SecurityWeek.
31 July 2025
1 in 20 online identity verification attempts are fraudulent in the financial services sector.
31 July 2025
Wallarm has raised money in a Series C funding round led by Toba Capital, which brings the total raised by the company to over $70 million.
The post API Security Firm Wallarm Raises $55 Million appeared first on SecurityWeek.
31 July 2025
In an era when data needs to be recognized as an asset in order to transform as a business, retrieving value from data becomes the topmost priority.
31 July 2025
LayerX has disclosed an AI chatbot hacking method via web browser extensions it has named ‘man-in-the-prompt’.
The post Browser Extensions Pose Serious Threat to Gen-AI Tools Handling Sensitive Data appeared first on SecurityWeek.
31 July 2025
A recent report by Veracode revealed that while AI produces functional code, it introduces security vulnerabilities in 45% of cases.
31 July 2025
Cyber threats and attacks like ransomware continue to increase in volume and complexity with the endpoint typically being the most sought after and valued target. With the rapid expansion and adoption of AI, it is more critical than ever to ensure the endpoint is adequately secured by a platform capable of not just keeping pace, but staying ahead of an ever-evolving threat landscape.
31 July 2025
SentinelLabs connects the dots between prolific Chinese state-sponsored hackers and companies developing intrusion tools.
The post Report Links Chinese Companies to Tools Used by State-Sponsored Hackers appeared first on SecurityWeek.
31 July 2025
The financially motivated threat actor known as UNC2891 has been observed targeting Automatic Teller Machine (ATM) infrastructure using a 4G-equipped Raspberry Pi as part of a covert attack.
The cyber-physical attack involved the adversary leveraging their physical access to install the Raspberry Pi device and have it connected directly to the same network switch as the ATM, effectively placing
31 July 2025
Security Operations Centers (SOCs) are stretched to their limits. Log volumes are surging, threat landscapes are growing more complex, and security teams are chronically understaffed. Analysts face a daily battle with alert noise, fragmented tools, and incomplete data visibility. At the same time, more vendors are phasing out their on-premises SIEM solutions, encouraging migration to SaaS
31 July 2025
Honeywell has patched several critical and high-severity vulnerabilities in its Experion PKS industrial process control and automation product.
The post Honeywell Experion PKS Flaws Allow Manipulation of Industrial Processes appeared first on SecurityWeek.
31 July 2025
Google Project Zero now publicly shares the discovery of a vulnerability and when its 90-day disclosure deadline expires.
The post Google Project Zero Tackles Upstream Patch Gap With New Policy appeared first on SecurityWeek.
31 July 2025
Threat actors are actively exploiting a critical security flaw in "Alone – Charity Multipurpose Non-profit WordPress Theme" to take over susceptible sites.
The vulnerability, tracked as CVE-2025-5394, carries a CVSS score of 9.8. Security researcher Thái An has been credited with discovering and reporting the bug.
According to Wordfence, the shortcoming relates to an arbitrary file upload
30 July 2025
Committee Members voted to recommend Sean Plankey for director of the Cybersecurity and Infrastructure Security Agency.
The post Senate Committee Advances Trump Nominee to Lead CISA appeared first on SecurityWeek.