Latest Cybersecurity News and Articles

---

Cyber Insights 2025: OT Security

Just as OT technology differs from IT technology, the threats, likely adversaries, and potential harm also differ. The post Cyber Insights 2025: OT Security appeared first on SecurityWeek.

---

Cybersecurity M&A Roundup: 45 Deals Announced in January 2025

A significant number of cybersecurity-related merger and acquisition (M&A) deals announced in January 2025.  The post Cybersecurity M&A Roundup: 45 Deals Announced in January 2025 appeared first on SecurityWeek.

---

Cybercriminals Use Go Resty and Node Fetch in 13 Million Password Spraying Attempts

Cybercriminals are increasingly leveraging legitimate HTTP client tools to facilitate account takeover (ATO) attacks on Microsoft 365 environments. Enterprise security company Proofpoint said it observed campaigns using HTTP clients Axios and Node Fetch to send HTTP requests and receive HTTP responses from web servers with the goal of conducting ATO attacks. "Originally sourced from public

---

Global ransomware payments plunge by a third amid crackdown

Money stolen falls from record $1.25bn to $813m as more victims refuse to pay off criminal gangsRansomware payments fell by more than a third last year to $813m (£650m) as victims refused to pay cybercriminals and law enforcement cracked down on gangs, figures reveal.The decline in such cyber-attacks – where access to a computer or its data is blocked and money is then demanded to release it – came despite a number of high-profile cases in 2024, with victims including NHS trusts in the UK and the US doughnut firm Krispy Kreme. Continue reading...

---

Riot Raises $30 Million for Employee Cybersecurity Solution

Riot has raised $30 million in Series B funding for a platform that helps employees improve their cybersecurity posture. The post Riot Raises $30 Million for Employee Cybersecurity Solution appeared first on SecurityWeek.

---

850,000 individuals impacted by Globe Life ransomware incident

An estimated 850,000 individuals have been affected by a ransomware attack on Globe Life, an insurance organization.

---

Silent Lynx Using PowerShell, Golang, and C++ Loaders in Multi-Stage Cyberattacks

A previously undocumented threat actor known as Silent Lynx has been linked to cyber attacks targeting various entities in Kyrgyzstan and Turkmenistan. "This threat group has previously targeted entities around Eastern Europe and Central Asian government think tanks involved in economic decision making and banking sector," Seqrite Labs researcher Subhajeet Singha said in a technical report

---

Abandoned Amazon S3 Buckets Enabled Attacks Against Governments, Big Firms

150 abandoned Amazon S3 buckets could have been leveraged to deliver malware or backdoors to governments and Fortune companies. The post Abandoned Amazon S3 Buckets Enabled Attacks Against Governments, Big Firms appeared first on SecurityWeek.

---

New Veeam Flaw Allows Arbitrary Code Execution via Man-in-the-Middle Attack

Veeam has released patches to address a critical security flaw impacting its Backup software that could allow an attacker to execute arbitrary code on susceptible systems. The vulnerability, tracked as CVE-2025-23114, carries a CVSS score of 9.0 out of 10.0. "A vulnerability within the Veeam Updater component that allows an attacker to utilize a Man-in-the-Middle attack to execute arbitrary code

---

Russian Hackers Exploited 7-Zip Zero-Day Against Ukraine

Russian threat groups have been observed exploiting a zero-day vulnerability in 7-Zip against Ukrainian entities. The post Russian Hackers Exploited 7-Zip Zero-Day Against Ukraine appeared first on SecurityWeek.

---

Chrome 133, Firefox 135 Patch High-Severity Vulnerabilities

Chrome 133 and Firefox 135 were released with patches for multiple high-severity memory safety vulnerabilities. The post Chrome 133, Firefox 135 Patch High-Severity Vulnerabilities appeared first on SecurityWeek.

---

Navigating the Future: Key IT Vulnerability Management Trends 

As the cybersecurity landscape continues to evolve, proactive vulnerability management has become a critical priority for managed service providers (MSPs) and IT teams. Recent trends indicate that organizations increasingly prioritize more frequent IT security vulnerability assessments to identify and address potential security flaws. Staying informed on these trends can help MSPs and IT teams

---

CISA Issues Exploitation Warning for .NET Vulnerability

CISA has added CVE-2024-29059, a flaw affecting Microsoft .NET, to its Known Exploited Vulnerabilities catalog. The post CISA Issues Exploitation Warning for .NET Vulnerability appeared first on SecurityWeek.

---

Zyxel Issues ‘No Patch’ Warning for Exploited Zero-Days

Multiple Zyxel legacy DSL CPE products are affected by exploited zero-day vulnerabilities that will not be patched. The post Zyxel Issues ‘No Patch’ Warning for Exploited Zero-Days appeared first on SecurityWeek.

---

AsyncRAT Campaign Uses Python Payloads and TryCloudflare Tunnels for Stealth Attacks

A malware campaign has been observed delivering a remote access trojan (RAT) named AsyncRAT by making use of Python payloads and TryCloudflare tunnels. "AsyncRAT is a remote access trojan (RAT) that exploits the async/await pattern for efficient, asynchronous communication," Forcepoint X-Labs researcher Jyotika Singh said in an analysis. "It allows attackers to control infected systems

---

CISA Adds Four Actively Exploited Vulnerabilities to KEV Catalog, Urges Fixes by Feb 25

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Tuesday added four security flaws to its Known Exploited Vulnerabilities (KEV) catalog, citing evidence of active exploitation in the wild. The list of vulnerabilities is as follows - CVE-2024-45195 (CVSS score: 7.5/9.8) - A forced browsing vulnerability in Apache OFBiz that allows a remote attacker to obtain unauthorized

---

Sophos Completes Acquisition of Secureworks

Sophos has completed its $859 million all-cash acquisition of SecureWorks. The post Sophos Completes Acquisition of Secureworks appeared first on SecurityWeek.

---

Exploitation of Over 700 Vulnerabilities Came to Light in 2024

The number of vulnerabilities first reported as exploited surged last year amid a decrease in zero-day reports. The post Exploitation of Over 700 Vulnerabilities Came to Light in 2024 appeared first on SecurityWeek.

---

CISO Forum Webinar: Defenders on the Frontline – Incident Response and Threat Intel Under the Microscope 

Join this panel of CISOs and threat-intel professionals for a deep-dive on aligning incident response and threat intelligence with broader business objectives. The post CISO Forum Webinar: Defenders on the Frontline – Incident Response and Threat Intel Under the Microscope  appeared first on SecurityWeek.

---

Who’s Behind the Seized Forums ‘Cracked’ & ‘Nulled’?

The FBI joined authorities across Europe last week in seizing domain names for Cracked and Nulled, English-language cybercrime forums with millions of users that trafficked in stolen data, hacking tools and malware. An investigation into the history of these communities shows their apparent co-founders quite openly operate an Internet service provider and a pair of e-commerce platforms catering to buyers and sellers on both forums.