Latest Cybersecurity News and Articles
27 March 2025
A new analysis has uncovered connections between affiliates of RansomHub and other ransomware groups like Medusa, BianLian, and Play.
The connection stems from the use of a custom tool that's designed to disable endpoint detection and response (EDR) software on compromised hosts, according to ESET. The EDR killing tool, dubbed EDRKillShifter, was first documented as used by RansomHub actors in
27 March 2025
Interview with Taylor Pyle, a Cybersecurity Engineer at Viasat on her experience with both cyber and mentorship.
The post The Importance of Allyship for Women in Cyber appeared first on SecurityWeek.
27 March 2025
GetReal Security has raised $17.5 million in series A funding to combat deepfakes, impersonation, and other AI-generated threats.
The post GetReal Security Raises $17.5 Million to Tackle Gen-AI Threats appeared first on SecurityWeek.
27 March 2025
US defense contractor MORSE Corp has agreed to pay $4.6 million to settle allegations over its cybersecurity failures.
The post Defense Contractor MORSE to Pay $4.6M to Settle Cybersecurity Failure Allegations appeared first on SecurityWeek.
27 March 2025
ESET uncovers a link between RansomHub, Play, Medusa, and BianLian ransomware gangs as more groups adopt tools to disable EDR software.
The post Ransomware Groups Increasingly Adopting EDR Killer Tools appeared first on SecurityWeek.
27 March 2025
An advanced persistent threat (APT) group with ties to Pakistan has been linked to the creation of a fake website masquerading as India's public sector postal system as part of a campaign designed to infect both Windows and Android users in the country.
Cybersecurity company CYFIRMA has attributed the campaign with medium confidence to a threat actor called APT36, which is also known as
27 March 2025
Whether it’s CRMs, project management tools, payment processors, or lead management tools - your workforce is using SaaS applications by the pound. Organizations often rely on traditional CASB solutions for protecting against malicious access and data exfiltration, but these fall short for protecting against shadow SaaS, data damage, and more.
A new report, Understanding SaaS Security Risks: Why
27 March 2025
T-Mobile paid $33 million in a private arbitration process over a SIM swap attack leading to cryptocurrency theft.
The post T-Mobile Coughed Up $33 Million in SIM Swap Lawsuit appeared first on SecurityWeek.
27 March 2025
Forescout has found dozens of vulnerabilities in solar power systems from Sungrow, Growatt and SMA.
The post More Solar System Vulnerabilities Expose Power Grids to Hacking appeared first on SecurityWeek.
27 March 2025
Straiker has emerged from stealth mode with a solution designed to help enterprises secure AI agents and applications.
The post AI Security Firm Straiker Emerges From Stealth With $21M in Funding appeared first on SecurityWeek.
27 March 2025
Hackers have long used Word and Excel documents as delivery vehicles for malware, and in 2025, these tricks are far from outdated. From phishing schemes to zero-click exploits, malicious Office files are still one of the easiest ways into a victim’s system.
Here are the top three Microsoft Office-based exploits still making the rounds this year and what you need to know to avoid them.
1.
27 March 2025
An ongoing campaign that infiltrates legitimate websites with malicious JavaScript injects to promote Chinese-language gambling platforms has ballooned to compromise approximately 150,000 sites to date.
"The threat actor has slightly revamped their interface but is still relying on an iframe injection to display a full-screen overlay in the visitor's browser," c/side security analyst Himanshu
27 March 2025
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added two six-year-old security flaws impacting Sitecore CMS and Experience Platform (XP) to its Known Exploited Vulnerabilities (KEV) catalog, based on evidence of active exploitation.
The vulnerabilities are listed below -
CVE-2019-9874 (CVSS score: 9.8) - A deserialization vulnerability in the Sitecore.Security.AntiCSRF
27 March 2025
A critical security flaw has been disclosed in NetApp SnapCenter that, if successfully exploited, could allow privilege escalation.
SnapCenter is enterprise-focused software used to manage data protection across applications, databases, virtual machines, and file systems, offering the ability to back up, restore, and clone data resources.
The vulnerability, tracked as
26 March 2025
OpenAI has raised its maximum bug bounty payout to $100,000 (up from $20,000) for high-impact flaws in its infrastructure and products.
The post OpenAI Offering $100K Bounties for Critical Vulnerabilities appeared first on SecurityWeek.
26 March 2025
An Atlantic article published by Jeffrey Goldberg on March 24, 2025 alleges that Goldberg was accidentally included in a group chat detailing classified security information.
26 March 2025
The Chinese threat actor known as FamousSparrow has been linked to a cyber attack targeting a trade group in the United States and a research institute in Mexico to deliver its flagship backdoor SparrowDoor and ShadowPad.
The activity, observed in July 2024, marks the first time the hacking crew has deployed ShadowPad, a malware widely shared by Chinese state-sponsored actors.
"FamousSparrow
26 March 2025
Exploitation of a Windows MMC zero-day is being pinned on a ransomware gang known as EncryptHub (an affiliate of RansomHub).
The post Russian Ransomware Gang Exploited Windows Zero-Day Before Patch appeared first on SecurityWeek.
26 March 2025
AMTSO has developed a Sandbox Evaluation Framework to standardize the testing of malware analysis solutions.
The post AMTSO Releases Sandbox Evaluation Framework appeared first on SecurityWeek.
26 March 2025
The late-stage startup said the round was led by Coatue Management and brings Island’s total external funding to approximately $730 million.
The post Island Banks $250M Series E for Enterprise Browser appeared first on SecurityWeek.