Latest Cybersecurity News and Articles
06 March 2025
The transaction is valued in the range of $120 million and gives Armis an on-premises CPS solution
The post Armis Acquires Otorio to Expand OT and CPS Security Suite appeared first on SecurityWeek.
06 March 2025
The $1.4 billion ByBit cryptocurrency heist combined social engineering, stolen AWS session tokens, MFA bypasses and a rigged JavaScript file.
The post How Social Engineering Sparked a Billion-Dollar Supply Chain Cryptocurrency Heist appeared first on SecurityWeek.
06 March 2025
Many organizations are increasing fraud prevention budgets and teams.
06 March 2025
The House of Representatives has passed a bill aimed at requiring federal contractors to have a Vulnerability Disclosure Policy (VDP).
The post Federal Contractor Cybersecurity Bill Passes House appeared first on SecurityWeek.
06 March 2025
Matthew Akande was extradited to the US to face charges for his role in hacking into Massachusetts tax preparation firms’ networks.
The post Nigerian Accused of Hacking Tax Preparation Firms Extradited to US appeared first on SecurityWeek.
06 March 2025
A group of financial organizations is asking CISA to rescind and reissue its proposed implementation of CIRCIA.
The post Financial Organizations Urge CISA to Revise Proposed CIRCIA Implementation appeared first on SecurityWeek.
06 March 2025
Elastic has rolled out security updates to address a critical security flaw impacting the Kibana data visualization dashboard software for Elasticsearch that could result in arbitrary code execution.
The vulnerability, tracked as CVE-2025-25012, carries a CVSS score of 9.9 out of a maximum of 10.0. It has been described as a case of prototype pollution.
"Prototype pollution in Kibana leads to
06 March 2025
A second iteration of the BadBox botnet that affected over one million Android devices has been partially disrupted.
The post BadBox Botnet Powered by 1 Million Android Devices Disrupted appeared first on SecurityWeek.
06 March 2025
The financially motivated threat actor known as EncryptHub has been observed orchestrating sophisticated phishing campaigns to deploy information stealers and ransomware, while also working on a new product called EncryptRAT.
"EncryptHub has been observed targeting users of popular applications, by distributing trojanized versions," Outpost24 KrakenLabs said in a new report shared with The
06 March 2025
The threat actors behind the Medusa ransomware have claimed nearly 400 victims since it first emerged in January 2023, with the financially motivated attacks witnessing a 42% increase between 2023 and 2024.
In the first two months of 2025 alone, the group has claimed over 40 attacks, according to data from the Symantec Threat Hunter Team said in a report shared with The Hacker News. The
06 March 2025
AIceberg has launched a solution that helps governments and enterprises with the safe, secure and compliant adoption of AI.
The post AIceberg Gets $10 Million in Seed Funding for AI Security Platform appeared first on SecurityWeek.
06 March 2025
Cyber threats are growing more sophisticated, and traditional security approaches struggle to keep up. Organizations can no longer rely on periodic assessments or static vulnerability lists to stay secure. Instead, they need a dynamic approach that provides real-time insights into how attackers move through their environment.
This is where attack graphs come in. By mapping potential attack paths
06 March 2025
Over 1,000 websites powered by WordPress have been infected with a third-party JavaScript code that injects four separate backdoors.
"Creating four backdoors facilitates the attackers having multiple points of re-entry should one be detected and removed," c/side researcher Himanshu Anand said in a Wednesday analysis.
The malicious JavaScript code has been found to be served via cdn.csyndication[
06 March 2025
Scans show that tens of thousands of VMware ESXi instances are affected by CVE-2025-22224 and other vulnerabilities disclosed recently as zero-days.
The post Exploited VMware ESXi Flaws Put Many at Risk of Ransomware, Other Attacks appeared first on SecurityWeek.
06 March 2025
A report on the state of IT work shares notable trends and challenges IT teams are facing.
06 March 2025
The U.S. Department of Justice (DoJ) has announced charges against 12 Chinese nationals for their alleged participation in a wide-ranging scheme designed to steal data and suppress free speech and dissent globally.
The individuals include two officers of the People's Republic of China's (PRC) Ministry of Public Security (MPS), eight employees of an ostensibly private PRC company, Anxun
05 March 2025
i-Soon employees charged with conducting extensive hacking campaigns on behalf of Beijing’s security services.
The post US Indicts China’s iSoon ‘Hackers-for-Hire’ Operatives appeared first on SecurityWeek.
05 March 2025
Nearly 100% of c-level executives have had information exposed in a data breach, with an average of 43 data breaches or compilations per executive.
05 March 2025
SpecterOps has raised an unusually large $75 million Series B funding round to accelerate the growth of its BloodHound Enterprise platform.
The post SpecterOps Scores $75M Series B to Scale BloodHound Enterprise Platform appeared first on SecurityWeek.
05 March 2025
Vishing attacks rose by 442% from the first half of 2024 to the second.