Latest Cybersecurity News and Articles
20 August 2025
CERT/CC has disclosed the details of information exposure vulnerabilities in a Workhorse Software application after patches were released.
The post Flaws in Software Used by Hundreds of Cities and Towns Exposed Sensitive Data appeared first on SecurityWeek.
20 August 2025
Inotiv has notified the SEC that its business operations took a hit after hackers compromised and encrypted its internal systems.
The post Pharmaceutical Company Inotiv Confirms Ransomware Attack appeared first on SecurityWeek.
20 August 2025
Modern businesses face a rapidly evolving and expanding threat landscape, but what does this mean for your business? It means a growing number of risks, along with an increase in their frequency, variety, complexity, severity, and potential business impact.
The real question is, “How do you tackle these rising threats?” The answer lies in having a robust BCDR strategy. However, to build a
20 August 2025
North Korean threat actors have been attributed to a coordinated cyber espionage campaign targeting diplomatic missions in their southern counterpart between March and July 2025.
The activity manifested in the form of at least 19 spear-phishing emails that impersonated trusted diplomatic contacts with the goal of luring embassy staff and foreign ministry personnel with convincing meeting invites
20 August 2025
Google and Mozilla have released patches for multiple high-severity vulnerabilities affecting Chrome and Firefox.
The post High-Severity Vulnerabilities Patched in Chrome, Firefox appeared first on SecurityWeek.
20 August 2025
A researcher said he found vulnerable internal services that exposed the information of 270,000 Intel employees.
The post Intel Employee Data Exposed by Vulnerabilities appeared first on SecurityWeek.
20 August 2025
A 22-year-old man from the U.S. state of Oregon has been charged with allegedly developing and overseeing a distributed denial-of-service (DDoS)-for-hire botnet called RapperBot.
Ethan Foltz of Eugene, Oregon, has been identified as the administrator of the service, the U.S. Department of Justice (DoJ) said. The botnet has been used to carry out large-scale DDoS-for-hire attacks targeting
19 August 2025
A 22-year-old Oregon man has been arrested on suspicion of operating "Rapper Bot," a massive botnet used to power a service for launching distributed denial-of-service (DDoS) attacks against targets -- including a March 2025 DDoS that knocked Twitter/X offline. The Justice Department asserts the suspect and an unidentified co-conspirator rented out the botnet to online extortionists, and tried to stay off the radar of law enforcement by ensuring that their botnet was never pointed at KrebsOnSecurity.
19 August 2025
Threat actors are exploiting a nearly two-year-old security flaw in Apache ActiveMQ to gain persistent access to cloud Linux systems and deploy malware called DripDropper.
But in an unusual twist, the unknown attackers have been observed patching the exploited vulnerability after securing initial access to prevent further exploitation by other adversaries and evade detection, Red Canary said in
19 August 2025
A majority of organizations are unprepared for shorter SSL/TLS certificate lifespans.
19 August 2025
Financial institutions like trading and brokerage firms are the target of a new campaign that delivers a previously unreported remote access trojan called GodRAT.
The malicious activity involves the "distribution of malicious .SCR (screen saver) files disguised as financial documents via Skype messenger," Kaspersky researcher Saurabh Sharma said in a technical analysis published today.
The
19 August 2025
Most organizations approach cybersecurity issues reactively, responding to threats only after the damage has been done.
19 August 2025
PipeMagic, which poses as a ChatGPT application, is a modular malware framework that provides persistent access and flexibility.
The post Microsoft Dissects PipeMagic Modular Backdoor appeared first on SecurityWeek.
19 August 2025
A new exploit combining two critical, now-patched security flaws in SAP NetWeaver has emerged in the wild, putting organizations at risk of system compromise and data theft.
The exploit in question chains together CVE-2025-31324 and CVE-2025-42999 to bypass authentication and achieve remote code execution, SAP security company Onapsis said.
CVE-2025-31324 (CVSS score: 10.0) - Missing
19 August 2025
TPG Telecom has disclosed a cybersecurity incident after discovering unauthorized access to an iiNet order management system.
The post Australia’s TPG Telecom Investigating iiNet Hack appeared first on SecurityWeek.
19 August 2025
Britain abandoned its demand that Apple provide backdoor access to any encrypted user data stored in the cloud.
The post Gabbard Says UK Scraps Demand for Apple to Give Backdoor Access to Data appeared first on SecurityWeek.
19 August 2025
Bragg Gaming Group says hackers accessed its internal systems over the weekend, but did not affect its operations.
The post Gambling Tech Firm Bragg Discloses Cyberattack appeared first on SecurityWeek.
19 August 2025
Al-Tahery Al-Mashriky of the Yemen Cyber Army has been accused of hacking into and defacing many websites as part of hacktivist campaigns.
The post Hacktivist Sentenced to 20 Months of Prison in UK appeared first on SecurityWeek.
19 August 2025
The U.K. government has apparently abandoned its plans to force Apple to weaken encryption protections and include a backdoor that would have enabled access to the protected data of U.S. citizens.
U.S. Director of National Intelligence (DNI) Tulsi Gabbard, in a statement posted on X, said the U.S. government had been working with its partners with the U.K. over the past few months to ensure that
19 August 2025
After two decades of developing increasingly mature security architectures, organizations are running up against a hard truth: tools and technologies alone are not enough to mitigate cyber risk. As tech stacks have grown more sophisticated and capable, attackers have shifted their focus. They are no longer focusing on infrastructure vulnerabilities alone. Instead, they are increasingly