Latest Cybersecurity News and Articles
12 June 2025
Interpol has announced a crackdown on infostealer malware in Asia as part of an effort called Operation Secure.
The post Interpol Targets Infostealers: 20,000 IPs Taken Down, 32 Arrested, 216,000 Victims Notified appeared first on SecurityWeek.
12 June 2025
ConnectWise has disclosed that it's planning to rotate the digital code signing certificates used to sign ScreenConnect, ConnectWise Automate, and ConnectWise remote monitoring and management (RMM) executables due to security concerns.
The company said it's doing so "due to concerns raised by a third-party researcher about how ScreenConnect handled certain configuration data in earlier versions.
12 June 2025
Cybersecurity researchers have uncovered a new account takeover (ATO) campaign that leverages an open-source penetration testing framework called TeamFiltration to breach Microsoft Entra ID (formerly Azure Active Directory) user accounts.
The activity, codenamed UNK_SneakyStrike by Proofpoint, has affected over 80,000 targeted user accounts across hundreds of organizations' cloud tenants since a
11 June 2025
Beyond potentially halting sales of physical goods, breaches can expose customers’ personal data to future phishing or fraud attempts.
The post With Retail Cyberattacks on the Rise, Customers Find Orders Blocked and Shelves Empty appeared first on SecurityWeek.
11 June 2025
Former members tied to the Black Basta ransomware operation have been observed sticking to their tried-and-tested approach of email bombing and Microsoft Teams phishing to establish persistent access to target networks.
"Recently, attackers have introduced Python script execution alongside these techniques, using cURL requests to fetch and deploy malicious payloads," ReliaQuest said in a report
11 June 2025
Cybersecurity heavyweight Securonix acquires ThreatQuotient to boost plans to build an all-in-one security operations stack.
The post Securonix Acquires Threat Intelligence Firm ThreatQuotient appeared first on SecurityWeek.
11 June 2025
Maze and its investors are betting on finding profits in software that uses AI-powered agents to automate critical parts of the process.
The post Maze Banks $25M to Tackle Cloud Security with AI Agents appeared first on SecurityWeek.
11 June 2025
Vulnerable DTResearch UEFI firmware applications can be used in BYOVD attacks to bypass Secure Boot.
The post Flaw in Industrial Computer Maker’s UEFI Apps Enables Secure Boot Bypass on Many Devices appeared first on SecurityWeek.
11 June 2025
Threat intelligence firm GreyNoise has warned of a "coordinated brute-force activity" targeting Apache Tomcat Manager interfaces.
The company said it observed a surge in brute-force and login attempts on June 5, 2025, an indication that they could be deliberate efforts to "identify and access exposed Tomcat services at scale."
To that end, 295 unique IP addresses have been found to be engaged
11 June 2025
Learn how attackers hide in plain sight—and what you can do to stop them without slowing down your business.
The post Webinar Today: Rethinking Endpoint Hardening for Today’s Attack Landscape appeared first on SecurityWeek.
11 June 2025
A security firm provides details on an incident it faced involving China-linked hackers.
11 June 2025
Patches released by Fortinet and Ivanti resolve over a dozen vulnerabilities, including high-severity flaws leading to code execution, credential leaks.
The post Fortinet, Ivanti Patch High-Severity Vulnerabilities appeared first on SecurityWeek.
11 June 2025
Bitsight has identified over 40,000 security cameras that can be easily hacked for spying or other types of malicious activity.
The post 40,000 Security Cameras Exposed to Remote Hacking appeared first on SecurityWeek.
11 June 2025
Investigators leveraged a vulnerability dubbed DanaBleed to obtain insights into the internal operations of the DanaBot botnet.
The post Recently Disrupted DanaBot Leaked Valuable Data for 3 Years appeared first on SecurityWeek.
11 June 2025
Series E funding round brings Cyera’s total funding to over $1.3 billion and values the data security firm at $6 billion.
The post Cyera Raises $540 Million to Expand AI-Powered Data Security Platform appeared first on SecurityWeek.
11 June 2025
INTERPOL on Wednesday announced the dismantling of more than 20,000 malicious IP addresses or domains that have been linked to 69 information-stealing malware variants.
The joint action, codenamed Operation Secure, took place between January and April 2025, and involved law enforcement agencies from 26 countries to identify servers, map physical networks, and execute targeted takedowns.
"These
11 June 2025
In today’s cybersecurity landscape, much of the focus is placed on firewalls, antivirus software, and endpoint detection. While these tools are essential, one critical layer often goes overlooked: the Domain Name System (DNS). As the starting point of nearly every online interaction, DNS is not only foundational - it’s increasingly a target. When left unsecured, it becomes a single point of
11 June 2025
Horizon3.ai has raised $100 million to expand product capabilities, and to scale its partner ecosystem and federal market presence.
The post Horizon3.ai Raises $100 Million in Series D Funding appeared first on SecurityWeek.
11 June 2025
Many security professionals feel pressured to pursue leadership roles, but success can also mean going deeper, not just higher.
The post Rethinking Success in Security: Why Climbing the Corporate Ladder Isn’t Always the Goal appeared first on SecurityWeek.
11 June 2025
Google and Mozilla have released patches for a combined total of four high-severity memory bugs in Chrome and Firefox.
The post Chrome, Firefox Updates Resolve High-Severity Memory Bugs appeared first on SecurityWeek.