Latest Cybersecurity News and Articles
25 July 2025
Russian aerospace and defense industries have become the target of a cyber espionage campaign that delivers a backdoor called EAGLET to facilitate data exfiltration.
The activity, dubbed Operation CargoTalon, has been assigned to a threat cluster tracked as UNG0901 (short for Unknown Group 901).
"The campaign is aimed at targeting employees of Voronezh Aircraft Production Association (VASO), one
25 July 2025
An authentication bypass vulnerability in Mitel MiVoice MX-ONE could allow attackers to access user or admin accounts on the system.
The post Mitel Patches Critical Flaw in Enterprise Communication Platform appeared first on SecurityWeek.
25 July 2025
The Koske Linux malware shows how cybercriminals can use AI for payload development, persistence, and adaptivity.
The post Sophisticated Koske Linux Malware Developed With AI Aid appeared first on SecurityWeek.
25 July 2025
Threat hunters have disclosed two different malware campaigns that have targeted vulnerabilities and misconfigurations across cloud environments to deliver cryptocurrency miners.
The threat activity clusters have been codenamed Soco404 and Koske by cloud security firms Wiz and Aqua, respectively.
Soco404 "targets both Linux and Windows systems, deploying platform-specific malware," Wiz
25 July 2025
A recent analysis of enterprise data suggests that generative AI tools developed in China are being used extensively by employees in the US and UK, often without oversight or approval from security teams. The study, conducted by Harmonic Security, also identifies hundreds of instances in which sensitive data was uploaded to platforms hosted in China, raising concerns over compliance, data
25 July 2025
Ollie Holman was sentenced to prison for selling over 1,000 phishing kits that caused estimated losses of over $134 million.
The post UK Student Sentenced to Prison for Selling Phishing Kits appeared first on SecurityWeek.
25 July 2025
Chinese cyberespionage group Fire Ant is targeting virtualization and networking infrastructure to access isolated environments.
The post Chinese Spies Target Networking and Virtualization Flaws to Breach Isolated Environments appeared first on SecurityWeek.
25 July 2025
LG Innotek LNV5110R security cameras are affected by a vulnerability that can be exploited for unauthenticated remote code execution.
The post No Patch for Flaw Exposing Hundreds of LG Cameras to Remote Hacking appeared first on SecurityWeek.
25 July 2025
Christina Chapman was sentenced to prison for helping North Korean IT workers infiltrate US companies and running a laptop farm for them.
The post US Targets North Korea’s Illicit Funds: $15M Rewards Offered as American Woman Jailed in IT Worker Scam appeared first on SecurityWeek.
24 July 2025
KrebsOnSecurity recently heard from a reader whose boss's email account got phished and was used to trick one of the company's customers into sending a large payment to scammers. An investigation into the attacker's infrastructure points to a long-running Nigerian cybercrime group that is actively targeting established companies in the transportation and aviation industries.
24 July 2025
Mitel has released security updates to address a critical security flaw in MiVoice MX-ONE that could allow an attacker to bypass authentication protections.
"An authentication bypass vulnerability has been identified in the Provisioning Manager component of Mitel MiVoice MX-ONE, which, if successfully exploited, could allow an unauthenticated attacker to conduct an authentication bypass attack
24 July 2025
Virtualization and networking infrastructure have been targeted by a threat actor codenamed Fire Ant as part of a prolonged cyber espionage campaign.
The activity, observed this year, is primarily designed Now to infiltrate organizations' VMware ESXi and vCenter environments as well as network appliances, Sygnia said in a new report published today.
"The threat actor leveraged combinations of
24 July 2025
Cybersecurity researchers have shed light on a new versatile malware loader called CastleLoader that has been put to use in campaigns distributing various information stealers and remote access trojans (RATs).
The activity employs Cloudflare-themed ClickFix phishing attacks and fake GitHub repositories opened under the names of legitimate applications, Swiss cybersecurity company PRODAFT said in
24 July 2025
Sophos and SonicWall have alerted users of critical security flaws in Sophos Firewall and Secure Mobile Access (SMA) 100 Series appliances that could be exploited to achieve remote code execution.
The two vulnerabilities impacting Sophos Firewall are listed below -
CVE-2025-6704 (CVSS score: 9.8) - An arbitrary file writing vulnerability in the Secure PDF eXchange (SPX) feature can lead
24 July 2025
HeroDevs has received a $125 million strategic growth investment from PSG to secure enterprise security stacks.
The post HeroDevs Raises $125 Million to Secure Deprecated OSS appeared first on SecurityWeek.
24 July 2025
The proposed cyber regulations include the implementation of incident reporting, response plans, and cybersecurity controls, training, and certification of compliance.
The post New York Seeking Public Opinion on Water Systems Cyber Regulations appeared first on SecurityWeek.
24 July 2025
Risk management and compliance solutions provider Vanta has raised more than $500 million since 2021.
The post GRC Firm Vanta Raises $150 Million at $4.15 Billion Valuation appeared first on SecurityWeek.
24 July 2025
Clorox is blaming Congnizat for the 2023 cyberattack, claiming that the IT provided handed over passwords to the hackers.
The post Clorox Sues Cognizant for $380 Million Over 2023 Hack appeared first on SecurityWeek.
24 July 2025
Is Managing Customer Logins and Data Giving You Headaches? You're Not Alone!
Today, we all expect super-fast, secure, and personalized online experiences. But let's be honest, we're also more careful about how our data is used. If something feels off, trust can vanish in an instant. Add to that the lightning-fast changes AI is bringing to everything from how we log in to spotting online fraud,
24 July 2025
Hackers have injected malware into popular NPM packages after compromising several developer accounts in a fresh phishing campaign.
The post High-Value NPM Developers Compromised in New Phishing Campaign appeared first on SecurityWeek.