Latest Cybersecurity News and Articles
05 June 2025
Ukraine has seen nearly one-fifth of its Internet space come under Russian control or sold to Internet address brokers since February 2022, a new study finds. The analysis indicates large chunks of Ukrainian Internet address space are now in the hands of proxy and anonymity services nested at some of America's largest Internet service providers (ISPs).
05 June 2025
Censys researchers follow some clues and find hundreds of control-room dashboards for US water utilities on the public internet.
The post Misconfigured HMIs Expose US Water Systems to Anyone with a Browser appeared first on SecurityWeek.
05 June 2025
Harrods, Marks & Spencer, Adidas and more — why are retailers facing this wave of cyberattacks in recent months?
05 June 2025
Cybersecurity researchers have flagged several popular Google Chrome extensions that have been found to transmit data in HTTP and hard-code secrets in their code, exposing users to privacy and security risks.
"Several widely used extensions [...] unintentionally transmit sensitive data over simple HTTP," Yuanjing Guo, a security researcher in the Symantec's Security Technology and Response
05 June 2025
The threat actor known as Bitter has been assessed to be a state-backed hacking group that's tasked with gathering intelligence that aligns with the interests of the Indian government.
That's according to new findings jointly published by Proofpoint and Threatray in an exhaustive two-part analysis.
"Their diverse toolset shows consistent coding patterns across malware families, particularly in
05 June 2025
A threat actor has been creating backdoored open source malware repositories to target novice cybercriminals and game cheaters.
The post Backdoored Open Source Malware Repositories Target Novice Cybercriminals appeared first on SecurityWeek.
05 June 2025
Cellebrite and Corellium, whose names have been mentioned in spyware stories, are joining forces to provide advanced investigative solutions.
The post Controversial Firms Cellebrite and Corellium Announce $200 Million Acquisition Deal appeared first on SecurityWeek.
05 June 2025
Security leaders share their thoughts on the importance of compliance and trust for certificate authorities.
05 June 2025
Sagar Steven Singh and Nicholas Ceraolo, members of the Vile group, get prison sentences for identity theft and hacking.
The post Men Who Hacked Law Enforcement Database for Doxing Sentenced to Prison appeared first on SecurityWeek.
05 June 2025
Researchers have discovered and analyzed a ClickFix attack that uses a fake Cloudflare ‘humanness’ check.
The post ClickFix Attack Exploits Fake Cloudflare Turnstile to Deliver Malware appeared first on SecurityWeek.
05 June 2025
Security teams face growing demands with more tools, more data, and higher expectations than ever. Boards approve large security budgets, yet still ask the same question: what is the business getting in return? CISOs respond with reports on controls and vulnerability counts – but executives want to understand risk in terms of financial exposure, operational impact, and avoiding loss.
The
05 June 2025
Play ransomware attacks have hit roughly 900 organizations and recently involved the exploitation of SimpleHelp vulnerabilities.
The post FBI Aware of 900 Organizations Hit by Play Ransomware appeared first on SecurityWeek.
05 June 2025
An Iran-aligned hacking group has been attributed to a new set of cyber attacks targeting Kurdish and Iraqi government officials in early 2024.
The activity is tied to a threat group ESET tracks as BladedFeline, which is assessed with medium confidence to be a sub-cluster within OilRig, a known Iranian nation-state cyber actor. It's said to be active since September 2017, when it targeted
05 June 2025
Authorities seized 145 domains associated with BidenCash, a marketplace for stolen credit cards and personal information.
The post Carding Marketplace BidenCash Shut Down by Authorities appeared first on SecurityWeek.
05 June 2025
The U.S. Department of Justice (DoJ) on Wednesday announced the seizure of cryptocurrency funds and about 145 clearnet and dark web domains associated with an illicit carding marketplace called BidenCash.
"The operators of the BidenCash marketplace use the platform to simplify the process of buying and selling stolen credit cards and associated personal information," the DoJ said. "BidenCash
05 June 2025
Lee Enterprises has completed its investigation into the recent ransomware attack and confirmed that a data breach occurred.
The post Lee Enterprises Says 40,000 Hit by Ransomware-Caused Data Breach appeared first on SecurityWeek.
05 June 2025
The Interlock ransomware group has leaked data allegedly stolen from Kettering Health in a recent cyberattack.
The post Ransomware Gang Leaks Alleged Kettering Health Data appeared first on SecurityWeek.
05 June 2025
China issued warrants for 20 Taiwanese people it said carried out hacking missions in the Chinese mainland on behalf of the island’s ruling party.
The post China Issues Warrants for Alleged Taiwanese Hackers and Bans a Business for Pro-Independence Links appeared first on SecurityWeek.
05 June 2025
Germany fined Vodafone $51 million for failing to protect user data from partners and unauthorized third-parties.
The post Vodafone Germany Fined $51 Million Over Privacy, Security Failures appeared first on SecurityWeek.
05 June 2025
Cisco has released security patches to address a critical security flaw impacting the Identity Services Engine (ISE) that, if successfully exploited, could allow unauthenticated actors to carry out malicious actions on susceptible systems.
The security defect, tracked as CVE-2025-20286, carries a CVSS score of 9.9 out of 10.0. It has been described as a static credential vulnerability.
"A