Latest Cybersecurity News and Articles
08 April 2025
San Francisco smart contract security startup closes a $6.75 million seed funding round led by Archetype and Winklevoss Capital.
The post Octane Raises $6.75M for Smart Contract Security Tech appeared first on SecurityWeek.
08 April 2025
Spektion has emerged from stealth mode with $5 million in seed funding for its vulnerability management solution.
The post Vulnerability Management Firm Spektion Emerges From Stealth With $5 Million in Funding appeared first on SecurityWeek.
08 April 2025
The NCSC and partners publish new information and mitigation measures for those at high risk from two spyware variants.
08 April 2025
This advisory provides new and collated threat intelligence on two variants of spyware known as BADBAZAAR and MOONSHINE, and includes advice for app store operators, developers and social media companies to help keep their users safe.
08 April 2025
Spyware variants MOONSHINE and BADBAZAAR are being used to target mobile devices of individuals around the world.
08 April 2025
While often relegated to a purely functional role, DNS offers unparalleled opportunities for preemptive defense against cyberattacks.
The post DNS: The Secret Weapon CISOs May Be Overlooking In the Fight Against Cyberattacks appeared first on SecurityWeek.
08 April 2025
Anecdotes has raised $55 million in an extended Series B funding round that brings the total raised by the company to $85 million.
The post Anecdotes Raises $30 Million for Enterprise GRC Platform appeared first on SecurityWeek.
08 April 2025
SAP released 20 security notes on April 2025 patch day, including three addressing critical code injection and authentication bypass flaws.
The post SAP Patches Critical Code Injection Vulnerabilities appeared first on SecurityWeek.
08 April 2025
Silicon Valley startup secures big investment from Menlo Ventures and Mayfield Fund to solve the “shadow AI” security problem.
The post Aurascape Banks Hefty $50 Million to Mitigate ‘Shadow AI’ Risks appeared first on SecurityWeek.
08 April 2025
An update for the WhatsApp desktop app for Windows patches CVE-2025-30401, a spoofing vulnerability that could be used to trick users.
The post WhatsApp Vulnerability Could Facilitate Remote Code Execution appeared first on SecurityWeek.
08 April 2025
A sophisticated APT tracked as ToddyCat has exploited an ESET DLL search order hijacking vulnerability for malware delivery.
The post ESET Vulnerability Exploited for Stealthy Malware Execution appeared first on SecurityWeek.
08 April 2025
The new funds will be used to extend Corsha’s reach into critical infrastructure and further improve its own use of AI.
The post Corsha Raises $18 Million to Enhance and Extend Machine-to-Machine Security appeared first on SecurityWeek.
08 April 2025
Troy Rydman has been hired as the chief information officer (CIO) and chief information security officer (CISO) at Packsize.
08 April 2025
Tailscale’s new Series C funding round brings the total raised by the company for its secure networking platform to $275 million.
The post Tailscale Raises $160 Million for Secure Networking Platform appeared first on SecurityWeek.
08 April 2025
Security Operations Centers (SOCs) today face unprecedented alert volumes and increasingly sophisticated threats. Triaging and investigating these alerts are costly, cumbersome, and increases analyst fatigue, burnout, and attrition. While artificial intelligence has emerged as a go-to solution, the term “AI” often blurs crucial distinctions. Not all AI is built equal, especially in the SOC. Many
08 April 2025
More than 5,000 Ivanti Connect Secure appliances are vulnerable to attacks exploiting CVE-2025-22457, which has been used by Chinese hackers.
The post Exploited Vulnerability Puts 5,000 Ivanti VPN Appliances at Risk appeared first on SecurityWeek.
08 April 2025
The Computer Emergency Response Team of Ukraine (CERT-UA) has revealed a new set of cyber attacks targeting Ukrainian institutions with information-stealing malware.
The activity is aimed at military formations, law enforcement agencies, and local self-government bodies, particularly those located near Ukraine's eastern border, the agency said.
The attacks involve distributing phishing emails
08 April 2025
Android’s latest security update resolves two exploited Kernel vulnerabilities, as well as critical-severity bugs.
The post Android Update Patches Two Exploited Vulnerabilities appeared first on SecurityWeek.
08 April 2025
Huntress has shared details on the post-exploitation activities of threat actors targeting the recent CrushFTP vulnerability.
The post Threat Actors Setting Up Persistent Access to Hosts Hacked in CrushFTP Attacks appeared first on SecurityWeek.
08 April 2025
A recently disclosed critical security flaw impacting CrushFTP has been added by the U.S. Cybersecurity and Infrastructure Security Agency (CISA) to its Known Exploited Vulnerabilities (KEV) catalog after reports emerged of active exploitation in the wild.
The vulnerability is a case of authentication bypass that could permit an unauthenticated attacker to take over susceptible instances. It has