Latest Cybersecurity News and Articles
13 February 2025
CyberArk acquires early stage Boston startup Zilla Security for $165M, expanding its identity security and IGA capabilities.
The post CyberArk Expands Identity Security Play with $165M Acquisition of Zilla Security appeared first on SecurityWeek.
13 February 2025
Millions of uninformed users have flocked to DeepSeek and share personal information without considering security or privacy risks.
The post DeepSeek Exposes Major Cybersecurity Blind Spot appeared first on SecurityWeek.
13 February 2025
A widespread phishing campaign has been observed leveraging bogus PDF documents hosted on the Webflow content delivery network (CDN) with an aim to steal credit card information and commit financial fraud.
"The attacker targets victims searching for documents on search engines, resulting in access to malicious PDF that contains a CAPTCHA image embedded with a phishing link, leading them to
13 February 2025
The United States and the United Kingdom have declined to sign the AI Action Summit agreement.
13 February 2025
A nation-state threat actor with ties to North Korea has been linked to an ongoing campaign targeting South Korean business, government, and cryptocurrency sectors.
The attack campaign, dubbed DEEP#DRIVE by Securonix, has been attributed to a hacking group known as Kimsuky, which is also tracked under the names APT43, Black Banshee, Emerald Sleet, Sparkling Pisces, Springtail, TA427, and Velvet
13 February 2025
A toolset associated with China-linked espionage intrusions was employed in a ransomware attack, likely by a single individual.
The post Chinese Cyberspy Possibly Launching Ransomware Attacks as Side Job appeared first on SecurityWeek.
13 February 2025
An analysis conducted by SecurityWeek shows that 405 cybersecurity-related mergers and acquisitions were announced in 2024.
The post SecurityWeek Analysis: Over 400 Cybersecurity M&A Deals Announced in 2024 appeared first on SecurityWeek.
13 February 2025
A recent Omada report found that 95% of IT leaders see identity security as an important part of their cybersecurity strategy.
13 February 2025
Ever felt like your team is stuck in a constant battle? Developers rush to add new features, while security folks worry about vulnerabilities. What if you could bring both sides together without sacrificing one for the other?
We invite you to our upcoming webinar, "Opening the Fast Lane for Secure Deployments." This isn’t another tech talk full of buzzwords—it's a down-to-earth session that
13 February 2025
Jscrambler has received a $5.2 million investment from Iberis Capital to accelerate innovation and research.
The post Jscrambler Raises $5.2 Million for Code, Webpage Protection Solution appeared first on SecurityWeek.
13 February 2025
An RA World ransomware attack in November 2024 targeting an unnamed Asian software and services company involved the use of a malicious tool exclusively used by China-based cyber espionage groups, raising the possibility that the threat actor may be moonlighting as a ransomware player in an individual capacity.
"During the attack in late 2024, the attacker deployed a distinct toolset that had
13 February 2025
Palo Alto Networks has published 10 new security advisories, including one for a high-severity firewall authentication bypass vulnerability.
The post Palo Alto Networks Patches Potentially Serious Firewall Vulnerability appeared first on SecurityWeek.
13 February 2025
Threat actors are increasingly exploiting two old vulnerabilities in ThinkPHP and OwnCloud in their attacks.
The post Exploitation of Old ThinkPHP, OwnCloud Vulnerabilities Surges appeared first on SecurityWeek.
13 February 2025
AI is everywhere now, transforming how businesses operate and how users engage with apps, devices, and services. A lot of applications now have some Artificial Intelligence inside, whether supporting a chat interface, intelligently analyzing data or matching user preferences. No question AI benefits users, but it also brings new security challenges, especially Identity-related security
13 February 2025
Google has released a Chrome 133 update to address four high-severity vulnerabilities reported by external researchers.
The post Google Pays Out $55,000 Bug Bounty for Chrome Vulnerability appeared first on SecurityWeek.
13 February 2025
DDoS attacks have increased in volume and magnitude from Q3-Q4 2023 to Q3-Q4 2024.
13 February 2025
Palo Alto Networks has addressed a high-severity security flaw in its PAN-OS software that could result in an authentication bypass.
The vulnerability, tracked as CVE-2025-0108, carries a CVSS score of 7.8 out of 10.0. The score, however, drops to 5.1 if access to the management interface is restricted to a jump box.
"An authentication bypass in the Palo Alto Networks PAN-OS software enables an
13 February 2025
Threat hunters have shed light on a new campaign targeting the foreign ministry of an unnamed South American nation with bespoke malware capable of granting remote access to infected hosts.
The activity, detected in November 2024, has been attributed by Elastic Security Labs to a threat cluster it tracks as REF7707. Some of the other targets include a telecommunications entity and a university,
12 February 2025
The Italian government denied it hacked seven cellphones with military-grade surveillance technology from Paragon Solutions.
The post Italian Government Denies It spied on Journalists and Migrant Activists Using Paragon Spyware appeared first on SecurityWeek.
12 February 2025
QuSecure is pitching a software-based security architecture that overlays onto current networks to help businesses with PQC migration.
The post QuSecure Banks $28M Series A for Post-Quantum Cryptography Tech appeared first on SecurityWeek.