Latest Cybersecurity News and Articles
29 October 2025
The company has built a plug-and-play photonic layer transmission system that encrypts data in transit to prevent interception.
The post CyberRidge Emerges From Stealth With $26 Million for Photonic Encryption Solution appeared first on SecurityWeek.
29 October 2025
Exploits have been available publicly for over half a year, but the bug was previously targeted only for reconnaissance.
The post XWiki Vulnerability Exploited in Cryptocurrency Mining Operation appeared first on SecurityWeek.
29 October 2025
Japan’s Dentsu has disclosed a Merkle data breach impacting clients, suppliers, and employees.
The post Ad and PR Giant Dentsu Says Hackers Stole Merkle Data appeared first on SecurityWeek.
29 October 2025
Artificial Intelligence (AI) is rapidly transforming Governance, Risk, and Compliance (GRC). It's no longer a future concept—it's here, and it's already reshaping how teams operate.
AI's capabilities are profound: it's speeding up audits, flagging critical risks faster, and drastically cutting down on time-consuming manual work. This leads to greater efficiency, higher accuracy, and a more
29 October 2025
Starting October 2026, the browser will ask users if they want to access public websites that do not use secure connections.
The post Chrome to Turn HTTPS on by Default for Public Sites appeared first on SecurityWeek.
29 October 2025
Cybersecurity researchers have discovered a set of 10 malicious npm packages that are designed to deliver an information stealer targeting Windows, Linux, and macOS systems.
"The malware uses four layers of obfuscation to hide its payload, displays a fake CAPTCHA to appear legitimate, fingerprints victims by IP address, and downloads a 24MB PyInstaller-packaged information stealer that harvests
29 October 2025
Two DELMIA Apriso flaws can be chained together to gain privileged access to the application and execute arbitrary code remotely.
The post CISA Warns of Exploited DELMIA Factory Software Vulnerabilities appeared first on SecurityWeek.
29 October 2025
Intel and AMD have published advisories after academics disclosed details of the new TEE.fail attack method.
The post New Attack Targets DDR5 Memory to Steal Keys From Intel and AMD TEEs appeared first on SecurityWeek.
29 October 2025
Threat actors are actively exploiting multiple security flaws impacting Dassault Systèmes DELMIA Apriso and XWiki, according to alerts issued by the U.S. Cybersecurity and Infrastructure Security Agency (CISA) and VulnCheck.
The vulnerabilities are listed below -
CVE-2025-6204 (CVSS score: 8.0) - A code injection vulnerability in Dassault Systèmes DELMIA Apriso that could allow an attacker to
28 October 2025
Aisuru, the botnet responsible for a series of record-smashing distributed denial-of-service (DDoS) attacks this year, recently was overhauled to support a more low-key, lucrative and sustainable business: Renting hundreds of thousands of infected Internet of Things (IoT) devices to proxy services that help cybercriminals anonymize their traffic. Experts says a glut of proxies from Aisuru and other sources is fueling large-scale data harvesting efforts tied to various artificial intelligence (AI) projects, helping content scrapers evade detection by routing their traffic through residential connections that appear to be regular Internet users.
28 October 2025
A group of academic researchers from Georgia Tech, Purdue University, and Synkhronix have developed a side-channel attack called TEE.Fail that allows for the extraction of secrets from the trusted execution environment (TEE) in a computer's main processor, including Intel's Software Guard eXtensions (SGX) and Trust Domain Extensions (TDX) and AMD's Secure Encrypted Virtualization with Secure
28 October 2025
Witnesses on the Thai side of the border reported hearing explosions and seeing smoke coming from the center over the past several nights starting on Friday.
The post Stragglers From Myanmar Scam Center Raided by Army Cross Into Thailand as Buildings are Blown Up appeared first on SecurityWeek.
28 October 2025
Cybersecurity researchers have disclosed details of a new Android banking trojan called Herodotus that has been observed in active campaigns targeting Italy and Brazil to conduct device takeover (DTO) attacks.
"Herodotus is designed to perform device takeover while making first attempts to mimic human behaviour and bypass behaviour biometrics detection," ThreatFabric said in a report shared with
28 October 2025
Threat actors tied to North Korea have been observed targeting the Web3 and blockchain sectors as part of twin campaigns tracked as GhostCall and GhostHire.
According to Kaspersky, the campaigns are part of a broader operation called SnatchCrypto that has been underway since at least 2017. The activity is attributed to a Lazarus Group sub-cluster called BlueNoroff, which is also known as APT38,
28 October 2025
Approximately 40 billion records (13 TB) were found in an exposed database.
28 October 2025
The critical-severity flaw allows attackers to smuggle HTTP requests and access sensitive data, modify server files, or cause DoS conditions.
The post QNAP NetBak PC Agent Affected by Recent ASP.NET Core Vulnerability appeared first on SecurityWeek.
28 October 2025
SimSpace provides realistic cyber ranges where organizations can test attack preparedness and validate defenses.
The post SimSpace Raises $39 Million for Cyber Range Platform appeared first on SecurityWeek.
28 October 2025
A new class of Mirai-based DDoS botnets have been launching massive attacks, but their inability to spoof traffic enables device remediation.
The post TurboMirai-Class ‘Aisuru’ Botnet Blamed for 20+ Tbps DDoS Attacks appeared first on SecurityWeek.
28 October 2025
Sublime Security’s Series C funding round brings the total raised by the company to more than $240 million.
The post Sublime Security Raises $150 Million for Email Security Platform appeared first on SecurityWeek.
28 October 2025
This week in cybersecurity from the editors at Cybercrime Magazine Sausalito, Calif. – Oct. 28, 2025 – Read the full story in Bizcommunity Cyber threats in South Africa are growing more sophisticated every day. According to Cybersecurity Ventures, the total cost of cybercrime globally is expected
The post Top cyber threats in South Africa appeared first on Cybercrime Magazine.