Latest Cybersecurity News and Articles
28 October 2025
Witnesses on the Thai side of the border reported hearing explosions and seeing smoke coming from the center over the past several nights starting on Friday.
The post Stragglers From Myanmar Scam Center Raided by Army Cross Into Thailand as Buildings are Blown Up appeared first on SecurityWeek.
28 October 2025
Cybersecurity researchers have disclosed details of a new Android banking trojan called Herodotus that has been observed in active campaigns targeting Italy and Brazil to conduct device takeover (DTO) attacks.
"Herodotus is designed to perform device takeover while making first attempts to mimic human behaviour and bypass behaviour biometrics detection," ThreatFabric said in a report shared with
28 October 2025
Threat actors tied to North Korea have been observed targeting the Web3 and blockchain sectors as part of twin campaigns tracked as GhostCall and GhostHire.
According to Kaspersky, the campaigns are part of a broader operation called SnatchCrypto that has been underway since at least 2017. The activity is attributed to a Lazarus Group sub-cluster called BlueNoroff, which is also known as APT38,
28 October 2025
Approximately 40 billion records (13 TB) were found in an exposed database.
28 October 2025
The critical-severity flaw allows attackers to smuggle HTTP requests and access sensitive data, modify server files, or cause DoS conditions.
The post QNAP NetBak PC Agent Affected by Recent ASP.NET Core Vulnerability appeared first on SecurityWeek.
28 October 2025
SimSpace provides realistic cyber ranges where organizations can test attack preparedness and validate defenses.
The post SimSpace Raises $39 Million for Cyber Range Platform appeared first on SecurityWeek.
28 October 2025
A new class of Mirai-based DDoS botnets have been launching massive attacks, but their inability to spoof traffic enables device remediation.
The post TurboMirai-Class ‘Aisuru’ Botnet Blamed for 20+ Tbps DDoS Attacks appeared first on SecurityWeek.
28 October 2025
Sublime Security’s Series C funding round brings the total raised by the company to more than $240 million.
The post Sublime Security Raises $150 Million for Email Security Platform appeared first on SecurityWeek.
28 October 2025
This week in cybersecurity from the editors at Cybercrime Magazine Sausalito, Calif. – Oct. 28, 2025 – Read the full story in Bizcommunity Cyber threats in South Africa are growing more sophisticated every day. According to Cybersecurity Ventures, the total cost of cybercrime globally is expected
The post Top cyber threats in South Africa appeared first on Cybercrime Magazine.
28 October 2025
Data allegedly stolen from the companies has been made available for download on the Cl0p ransomware leak website.
The post Industrial Giants Schneider Electric and Emerson Named as Victims of Oracle Hack appeared first on SecurityWeek.
28 October 2025
In cybersecurity, speed isn’t just a win — it’s a multiplier. The faster you learn about emerging threats, the faster you adapt your defenses, the less damage you suffer, and the more confidently your business keeps scaling. Early threat detection isn’t about preventing a breach someday: it’s about protecting the revenue you’re supposed to earn every day.
Companies that treat cybersecurity as a
28 October 2025
The email addresses were pulled from various sources and 16.4 million of them were not present in previous data breaches.
The post Cybercriminals Trade 183 Million Stolen Credentials on Telegram, Dark Forums appeared first on SecurityWeek.
28 October 2025
The New Reality for Lean Security Teams
If you’re the first security or IT hire at a fast-growing startup, you’ve likely inherited a mandate that’s both simple and maddeningly complex: secure the business without slowing it down.
Most organizations using Google Workspace start with an environment built for collaboration, not resilience. Shared drives, permissive settings, and constant
28 October 2025
The hackers stole information from a file transfer solution and the country’s power supply was not affected.
The post Hackers Target Swedish Power Grid Operator appeared first on SecurityWeek.
28 October 2025
The zero-day exploitation of a now-patched security flaw in Google Chrome led to the distribution of an espionage-related tool from Italian information technology and services provider Memento Labs, according to new findings from Kaspersky.
The vulnerability in question is CVE-2025-2783 (CVSS score: 8.3), a case of sandbox escape which the company disclosed in March 2025 as having come under
28 October 2025
A European embassy located in the Indian capital of New Delhi, as well as multiple organizations in Sri Lanka, Pakistan, and Bangladesh, have emerged as the target of a new campaign orchestrated by a threat actor known as SideWinder in September 2025.
The activity "reveals a notable evolution in SideWinder's TTPs, particularly the adoption of a novel PDF and ClickOnce-based infection chain, in
27 October 2025
Social media platform X is urging users who have enrolled for two-factor authentication (2FA) using passkeys and hardware security keys like Yubikeys to re-enroll their key to ensure continued access to the service.
To that end, users are being asked to complete the re-enrollment, either using their existing security key or enrolling a new one, by November 10, 2025.
"After November 10, if you
27 October 2025
Chainguard has raised $636 million in the past six months alone for its software supply chain security solutions.
The post Chainguard Raises $280 Million in Growth Funding appeared first on SecurityWeek.
27 October 2025
Cybersecurity researchers have discovered a new vulnerability in OpenAI's ChatGPT Atlas web browser that could allow malicious actors to inject nefarious instructions into the artificial intelligence (AI)-powered assistant's memory and run arbitrary code.
"This exploit can allow attackers to infect systems with malicious code, grant themselves access privileges, or deploy malware," LayerX
27 October 2025
The malicious Smishing Triad domains were used to collect sensitive information, including Social Security numbers.
The post Massive China-Linked Smishing Campaign Leveraged 194,000 Domains appeared first on SecurityWeek.