Latest Cybersecurity News and Articles
09 July 2025
New Samsung Galaxy features include protections for on-device AI, expanded cross-device threat detection, and quantum-resistant encryption for network security.
The post Samsung Announces Security Improvements for Galaxy Smartphones appeared first on SecurityWeek.
09 July 2025
The U.S. Department of the Treasury's Office of Foreign Assets Control (OFAC) on Tuesday sanctioned a member of a North Korean hacking group called Andariel for their role in the infamous remote information technology (IT) worker scheme.
The Treasury said Song Kum Hyok, a 38-year-old North Korean national with an address in the Chinese province of Jilin, enabled the fraudulent operation by using
09 July 2025
Industrial solutions providers Siemens, Schneider Electric and Phoenix Contact have released July 2025 Patch Tuesday ICS security advisories.
The post ICS Patch Tuesday: Vulnerabilities Addressed by Siemens, Schneider, Phoenix Contact appeared first on SecurityWeek.
09 July 2025
Run by the team at workflow orchestration and AI platform Tines, the Tines library features over 1,000 pre-built workflows shared by security practitioners from across the community - all free to import and deploy through the platform’s Community Edition.
A recent standout is a workflow that handles malware alerts with CrowdStrike, Oomnitza, GitHub, and PagerDuty. Developed by Lucas Cantor at
09 July 2025
Multiple vulnerabilities in Ruckus Wireless management products could be exploited to fully compromise the managed environments.
The post Unpatched Ruckus Vulnerabilities Allow Wireless Environment Hacking appeared first on SecurityWeek.
09 July 2025
Nova Scotia Power is notifying individuals affected by the recent data breach, including in the United States.
The post Canadian Electric Utility Says Power Meters Disrupted by Cyberattack appeared first on SecurityWeek.
09 July 2025
A Chinese national has been arrested in Milan, Italy, for his alleged links to a state-sponsored hacking group known as Silk Typhoon and for carrying out cyber attacks against American organizations and government agencies.
The 33-year-old, Xu Zewei, has been charged with nine counts of wire fraud and conspiracy to cause damage to and obtain information by unauthorized access to protected
09 July 2025
Ivanti, Fortinet, and Splunk have released patches for critical- and high-severity vulnerabilities in their products.
The post Ivanti, Fortinet, Splunk Release Security Updates appeared first on SecurityWeek.
09 July 2025
For the first time in 2025, Microsoft's Patch Tuesday updates did not bundle fixes for exploited security vulnerabilities, but acknowledged one of the addressed flaws had been publicly known.
The patches resolve a whopping 130 vulnerabilities, along with 10 other non-Microsoft CVEs that affect Visual Studio, AMD, and its Chromium-based Edge browser. Of these 10 are rated Critical and the
09 July 2025
Xu Zewei has been arrested on charges that he is a member of the Chinese state-sponsored hacking group Hafnium (Silk Typhoon).
The post Alleged Chinese State Hacker Wanted by US Arrested in Italy appeared first on SecurityWeek.
08 July 2025
Microsoft today released updates to fix at least 137 security vulnerabilities in its Windows operating systems and supported software. None of the weaknesses addressed this month are known to be actively exploited, but 14 of the flaws earned Microsoft's most-dire "critical" rating, meaning they could be exploited to seize control over vulnerable Windows PCs with little or no help from users.
08 July 2025
Adobe patches were also released for medium-severity flaws in After Effects, Audition, Dimension, Experience Manager Screens, FrameMaker, Illustrator, Substance 3D Stager, and Substance 3D Viewer.
The post Adobe Patches Critical Code Execution Bugs appeared first on SecurityWeek.
08 July 2025
Patch Tuesday July 2025: Microsoft rolled out fixes for 130 vulnerabilities, including a zero-day in SQL Server.
The post Microsoft Patches 130 Vulnerabilities for July 2025 Patch Tuesday appeared first on SecurityWeek.
08 July 2025
The warning came after the department discovered that an impostor attempted to reach out to at least three foreign ministers, a U.S. senator and a governor.
The post Impostor Uses AI to Impersonate Rubio and Contact Foreign and US Officials appeared first on SecurityWeek.
08 July 2025
In yet another instance of threat actors repurposing legitimate tools for malicious purposes, it has been discovered that hackers are exploiting a popular red teaming tool called Shellter to distribute stealer malware.
The company behind the software said a company that had recently purchased Shellter Elite licenses leaked their copy, prompting malicious actors to weaponize the tool for
08 July 2025
A stolen copy of Shellter Elite shows how easily legitimate security tools can be repurposed by threat actors when vetting and oversight fail.
The post Legitimate Shellter Pen-Testing Tool Used in Malware Attacks appeared first on SecurityWeek.
08 July 2025
Cybersecurity researchers have discovered an Android banking malware campaign that has leveraged a trojan named Anatsa to target users in North America using malicious apps published on Google's official app marketplace.
The malware, disguised as a "PDF Update" to a document viewer app, has been caught serving a deceptive overlay when users attempt to access their banking application, claiming
08 July 2025
As organizations rush to adopt agentic AI, security leaders must confront the growing risk of invisible threats and new attack vectors.
The post The Wild Wild West of Agentic AI – An Attack Surface CISOs Can’t Afford to Ignore appeared first on SecurityWeek.
08 July 2025
LLMs have been observed leading users to phishing links.
08 July 2025
Cybersecurity researchers have flagged a supply chain attack targeting a Microsoft Visual Studio Code (VS Code) extension called Ethcode that has been installed a little over 6,000 times.
The compromise, per ReversingLabs, occurred via a GitHub pull request that was opened by a user named Airez299 on June 17, 2025.
First released by 7finney in 2022, Ethcode is a VS Code extension that's used to