Latest Cybersecurity News and Articles
12 March 2025
The Institution of Engineering and Technology has published a Code of Practice with the support of the NCSC.
12 March 2025
New guidance from the NCSC and the Centre for the Protection of National Infrastructure (CPNI) to help fledgling technical companies consider key questions around security.
12 March 2025
APTs are exploiting vulnerabilities in several VPN products used worldwide
12 March 2025
Microsoft Windows Netlogon vulnerability is being actively exploited and organisations should install necessary updates as soon as is practicable.
12 March 2025
A joint NCSC and CISA alert detailing the legacy risk of the malware Qsnatch to QNAP NAS devices
12 March 2025
Microsoft on Tuesday patched a zero-day vulnerability in the Windows Win32 kernel that has been exploited since March 2023.
The post Newly Patched Windows Zero-Day Exploited for Two Years appeared first on SecurityWeek.
12 March 2025
Threat intelligence firm GreyNoise is warning of a "coordinated surge" in the exploitation of Server-Side Request Forgery (SSRF) vulnerabilities spanning multiple platforms.
"At least 400 IPs have been seen actively exploiting multiple SSRF CVEs simultaneously, with notable overlap between attack attempts," the company said, adding it observed the activity on March 9, 2025.
The countries which
12 March 2025
Hackers used compromised credentials to access PowerSchool’s PowerSource portal months before the December 2024 data breach.
The post PowerSchool Portal Compromised Months Before Massive Data Breach appeared first on SecurityWeek.
12 March 2025
How hyper agenda-driven threat actors, cybercriminals, and nation-states integrate digital, narrative, and physical attacks to target organizations through their executives.
The post Webinar Today: Protecting Executives and Enterprises from Digital, Narrative and Physical Attacks appeared first on SecurityWeek.
12 March 2025
US officials have not determined who was behind an apparent cyberattack on the social media site X that limited access to the platform for thousands of users.
The post US Hasn’t Determined Who Was Behind Cyberattack That Caused Outage on Musk’s X appeared first on SecurityWeek.
12 March 2025
We’ve been hearing the same story for years: AI is coming for your job. In fact, in 2017, McKinsey printed a report, Jobs Lost, Jobs Gained: Workforce Transitions in a Time of Automation, predicting that by 2030, 375 million workers would need to find new jobs or risk being displaced by AI and automation. Queue the anxiety.
There have been ongoing whispers about what roles would be
12 March 2025
Microsoft on Tuesday released security updates to address 57 security vulnerabilities in its software, including a whopping six zero-days that it said have been actively exploited in the wild.
Of the 56 flaws, six are rated Critical, 50 are rated Important, and one is rated Low in severity. Twenty-three of the addressed vulnerabilities are remote code execution bugs and 22 relate to privilege
12 March 2025
Industrial giants Siemens and Schneider Electric have released March 2025 Patch Tuesday ICS security advisories.
The post ICS Patch Tuesday: Advisories Published by CISA, Schneider Electric, Siemens appeared first on SecurityWeek.
12 March 2025
X experienced a cyberattack that caused widespread technical issues across the network.
12 March 2025
Apple on Tuesday released a security update to address a zero-day flaw that it said has been exploited in "extremely sophisticated" attacks.
The vulnerability has been assigned the CVE identifier CVE-2025-24201 and is rooted in the WebKit web browser engine component.
It has been described as an out-of-bounds write issue that could allow an attacker to craft malicious web content such that it
11 March 2025
Kela admits that its evidence for a connection between Belsen and ZeroSevenGroup is largely circumstantial, primarily based on styles.
The post Are Threat Groups Belsen and ZeroSevenGroup Related? appeared first on SecurityWeek.
11 March 2025
Microsoft today issued more than 50 security updates for its various Windows operating systems, including fixes for a whopping six zero-day vulnerabilities that are already seeing active exploitation.
11 March 2025
Apple warns that the WebKIt bug "may have been exploited in an extremely sophisticated attack against specific targeted individuals.”
The post Apple Ships iOS 18.3.2 to Fix Already-Exploited WebKit Flaw appeared first on SecurityWeek.
11 March 2025
Redmond ships major security updates with warnings that a half-dozen Windows vulnerabilities have already been exploited in the wild.
The post Patch Tuesday: Microsoft Patches 57 Flaws, Flags Six Active Zero-Days appeared first on SecurityWeek.
11 March 2025
Adobe documents 35 security flaws in a wide range of products, including code-execution issues in the Acrobat and Reader applications.
The post Patch Tuesday: Critical Code-Execution Bugs in Acrobat and Reader appeared first on SecurityWeek.