Latest Cybersecurity News and Articles
30 April 2025
Meta has released new Llama protection tools to help the open source AI community build more secure applications.
The post Meta Releases Llama AI Open Source Protection Tools appeared first on SecurityWeek.
30 April 2025
Everyone has cybersecurity stories involving family members. Here’s a relatively common one. The conversation usually goes something like this:
“The strangest thing happened to my streaming account. I got locked out of my account, so I had to change my password. When I logged back in, all my shows were gone. Everything was in Spanish and there were all these Spanish shows I’ve never seen
30 April 2025
Cybersecurity researchers have shed light on a Russian-speaking cyber espionage group called Nebulous Mantis that has deployed a remote access trojan called RomCom RAT since mid-2022.
RomCom "employs advanced evasion techniques, including living-off-the-land (LOTL) tactics and encrypted command and control (C2) communications, while continuously evolving its infrastructure – leveraging
30 April 2025
Cybersecurity researchers have revealed that RansomHub's online infrastructure has "inexplicably" gone offline as of April 1, 2025, prompting concerns among affiliates of the ransomware-as-a-service (RaaS) operation.
Singaporean cybersecurity company Group-IB said that this may have caused affiliates to migrate to Qilin, given that "disclosures on its DLS [data leak site] have doubled since
30 April 2025
France says the Russian state-sponsored group APT28 is responsible for targeting or compromising a dozen French entities.
The post France Blames Russia for Cyberattacks on Dozen Entities appeared first on SecurityWeek.
30 April 2025
Vulnerabilities in Apple’s AirPlay protocol could have allowed attackers to execute code remotely without user interaction.
The post AirPlay Vulnerabilities Expose Apple Devices to Zero-Click Takeover appeared first on SecurityWeek.
30 April 2025
Chrome 136 and Firefox 138 were released in the stable channel with patches for multiple high-severity vulnerabilities.
The post Chrome 136, Firefox 138 Patch High-Severity Vulnerabilities appeared first on SecurityWeek.
30 April 2025
Meta on Tuesday announced LlamaFirewall, an open-source framework designed to secure artificial intelligence (AI) systems against emerging cyber risks such as prompt injection, jailbreaks, and insecure code, among others.
The framework, the company said, incorporates three guardrails, including PromptGuard 2, Agent Alignment Checks, and CodeShield.
PromptGuard 2 is designed to detect direct
30 April 2025
Vulnerability remediation delays are primarily caused by breakdowns in communication and team collaboration.
30 April 2025
A high court in the Indian state of Karnataka has ordered the blocking of end-to-end encrypted email provider Proton Mail across the country.
The High Court of Karnataka, on April 29, said the ruling was in response to a legal complaint filed by M Moser Design Associated India Pvt Ltd in January 2025.
The complaint alleged its staff had received e-mails containing obscene, abusive
29 April 2025
Popular messaging app WhatsApp on Tuesday unveiled a new technology called Private Processing to enable artificial intelligence (AI) capabilities in a privacy-preserving manner.
"Private Processing will allow users to leverage powerful optional AI features – like summarizing unread messages or editing help – while preserving WhatsApp's core privacy promise," the Meta-owned service said in a
29 April 2025
Various generative artificial intelligence (GenAI) services have been found vulnerable to two types of jailbreak attacks that make it possible to produce illicit or dangerous content.
The first of the two techniques, codenamed Inception, instructs an AI tool to imagine a fictitious scenario, which can then be adapted into a second scenario within the first one where there exists no safety
29 April 2025
Before engaging in a full-scope exercise, it’s important to assess whether your program, people and processes are truly ready.
The post How do You Know if You’re Ready for a Red Team Partnership? appeared first on SecurityWeek.
29 April 2025
Commvault Command Center has a critical security flaw. Security leaders discuss.
29 April 2025
Athena marks a major leap in SOC automation, enabling real-time detection, triage, and remediation with minimal human oversight.
The post SentinelOne’s Purple AI Athena Brings Autonomous Decision-Making to the SOC appeared first on SecurityWeek.
29 April 2025
Blue Shield of California has notified members of a data breach that may have impacted protected health information.
29 April 2025
As Xi Jinping advances his vision for China’s dominance by 2049, cybersecurity experts warn that connected technologies—like EV batteries—may quietly serve as tools of influence, espionage, and disruption.
The post China’s Secret Weapon? How EV Batteries Could be Weaponized to Disrupt America appeared first on SecurityWeek.
29 April 2025
Cybersecurity company SentinelOne has revealed that a China-nexus threat cluster dubbed PurpleHaze conducted reconnaissance attempts against its infrastructure and some of its high-value customers.
"We first became aware of this threat cluster during a 2024 intrusion conducted against an organization previously providing hardware logistics services for SentinelOne employees," security
29 April 2025
Cybersecurity awareness training platform Pistachio has raised $7 million in a Series A funding round led by Walter Ventures.
The post Pistachio Raises $7 Million for Cybersecurity Training Platform appeared first on SecurityWeek.
29 April 2025
Browser security firm LayerX has raised $11 million in a Series A funding round extension led by Jump Capital.
The post LayerX Raises $11 Million for Browser Security Solution appeared first on SecurityWeek.