Latest Cybersecurity News and Articles
Securing CI/CD workflows with Wazuh
21 May 2025
Continuous Integration and Continuous Delivery/Deployment (CI/CD) refers to practices that automate how code is developed and released to different environments. CI/CD pipelines are fundamental in modern software development, ensuring code is consistently tested, built, and deployed quickly and efficiently.
While CI/CD automation accelerates software delivery, it can also introduce security
US Student to Plead Guilty Over PowerSchool Hack
21 May 2025
Matthew Lane allegedly hacked PowerSchool using stolen credentials and admitted to extorting a telecoms provider.
The post US Student to Plead Guilty Over PowerSchool Hack appeared first on SecurityWeek.
How to Detect Phishing Attacks Faster: Tycoon2FA Example
21 May 2025
It takes just one email to compromise an entire system. A single well-crafted message can bypass filters, trick employees, and give attackers the access they need. Left undetected, these threats can lead to credential theft, unauthorized access, and even full-scale breaches. As phishing techniques become more evasive, they can no longer be reliably caught by automated solutions alone.
Let’s take
Cellcom Service Disruption Caused by Cyberattack
21 May 2025
Wireless carrier Cellcom has confirmed that a week-long widespread service outage is the result of a cyberattack.
The post Cellcom Service Disruption Caused by Cyberattack appeared first on SecurityWeek.
Google DeepMind Unveils Defense Against Indirect Prompt Injection Attacks
21 May 2025
Google DeepMind has developed an ongoing process to counter the continuously evolving threatIndirect prompt injection (IPI) attacks.
The post Google DeepMind Unveils Defense Against Indirect Prompt Injection Attacks appeared first on SecurityWeek.
Wiz Warns of Ongoing Exploitation of Recent Ivanti Vulnerabilities
21 May 2025
Wiz warns that threat actors are chaining two recent Ivanti vulnerabilities to achieve unauthenticated remote code execution.
The post Wiz Warns of Ongoing Exploitation of Recent Ivanti Vulnerabilities appeared first on SecurityWeek.
Virtual Event Today: Threat Detection & Incident Response (TDIR) Summit
21 May 2025
SecurityWeek’s 2025 Threat Detection & Incident Response (TDIR) Summit takes place as a virtual summit on Wednesday, May 21st.
The post Virtual Event Today: Threat Detection & Incident Response (TDIR) Summit appeared first on SecurityWeek.
Up to 25% of Internet-Exposed ICS Are Honeypots: Researchers
21 May 2025
Many of the industrial control system (ICS) instances seen in internet scanning are likely or possibly honeypots, not real devices.
The post Up to 25% of Internet-Exposed ICS Are Honeypots: Researchers appeared first on SecurityWeek.
Researchers Expose PWA JavaScript Attack That Redirects Users to Adult Scam Apps
21 May 2025
Cybersecurity researchers have discovered a new campaign that employs malicious JavaScript injections to redirect site visitors on mobile devices to a Chinese adult-content Progressive Web App (PWA) scam.
"While the payload itself is nothing new (yet another adult gambling scam), the delivery method stands out," c/side researcher Himanshu Anand said in a Tuesday analysis.
"The malicious landing
Ransomware Attack Forces Kettering Health to Cancel Procedures
21 May 2025
Kettering Health has canceled inpatient and outpatient procedures as it deals with a system-wide outage caused by a ransomware attack.
The post Ransomware Attack Forces Kettering Health to Cancel Procedures appeared first on SecurityWeek.
Critical OpenPGP.js Vulnerability Allows Spoofing
21 May 2025
An OpenPGP.js vulnerability tracked as CVE-2025-47934 allows message signature verification to be spoofed.
The post Critical OpenPGP.js Vulnerability Allows Spoofing appeared first on SecurityWeek.
Google Chrome Can Now Auto-Change Compromised Passwords Using Its Built-In Manager
21 May 2025
Google has announced a new feature in its Chrome browser that lets its built-in Password Manager automatically change a user's password when it detects the credentials to be compromised.
"When Chrome detects a compromised password during sign in, Google Password Manager prompts the user with an option to fix it automatically," Google's Ashima Arora, Chirag Desai, and Eiji Kitamura said. "On
What to do if you can’t get into your Facebook or Instagram account
21 May 2025
How to prove your identity after your account gets hacked and how to improve security for the futurePhone lost or stolen? Practical steps to restore peace of mindUK passport lost or stolen? Here are the steps you need to takeYour Facebook or Instagram account can be your link to friends, a profile for your work or a key to other services, so losing access can be very worrying. Here’s what to do if the worst happens.If you have access to the phone number or email account associated with your Facebook or Instagram account, try to reset your password by clicking on the “Forgot password?” link on the main Facebook or Instagram login screen. Follow the instructions in the email or text message you receive.If you no longer have access to the email account linked to your Facebook account, use a device with which you have previously logged into Facebook and go to facebook.com/login/identify. Enter any email address or phone number you might have associated with your account, or find your username which is the string of characters after Facebook.com/ on your page. Click on “No longer have access to these?”, “Forgotten account?” or “Recover” and follow the instructions to prove your identity and reset your password.If your account was hacked, visit facebook.com/hacked or instagram.com/hacked/ on a device you have previously used to log in and follow the instructions. Visit the help with a hacked account page for Facebook or Instagram.Change the password to something strong, long and unique, such as a combination of random words or a memorable lyric or quote. Avoid simple or guessable combinations. Use a password manager to help you remember it and other important details.Turn on two-step verification in the “password and security” section of the Accounts Centre. Use an authentication app or security key for this, not SMS codes. Save your recovery codes somewhere safe in case you lose access to your two-step authentication method.Turn on “unrecognised login” alerts in the “password and security” section of the Accounts Centre, which will alert you to any suspicious login activity.Remove any suspicious “friends” from your account – these could be fake accounts or scammers.If you are eligible, turn on “advanced protection for Facebook” in the “password and security” section of the Accounts Centre. Continue reading...
KrebsOnSecurity Hit With Near-Record 6.3 Tbps DDoS
20 May 2025
KrebsOnSecurity last week was hit by a near record distributed denial-of-service (DDoS) attack that clocked in at more than 6.3 terabits of data per second (a terabit is one trillion bits of data). The brief attack appears to have been a test run for a massive new Internet of Things (IoT) botnet capable of launching crippling digital assaults that few web destinations can withstand. Read on for more about the botnet, the attack, and the apparent creator of this global menace.
The Truth Is Always in the Code: Why Security Starts With Visibility
20 May 2025
The software security field is ever-changing, but one principle remains constant: the truth is always in the code.
Hazy Hawk Exploits DNS Records to Hijack CDC, Corporate Domains for Malware Delivery
20 May 2025
A threat actor known as Hazy Hawk has been observed hijacking abandoned cloud resources of high-profile organizations, including Amazon S3 buckets and Microsoft Azure endpoints, by leveraging misconfigurations in the Domain Name System (DNS) records.
The hijacked domains are then used to host URLs that direct users to scams and malware via traffic distribution systems (TDSes), according to
100+ Fake Chrome Extensions Found Hijacking Sessions, Stealing Credentials, Injecting Ads
20 May 2025
An unknown threat actor has been attributed to creating several malicious Chrome Browser extensions since February 2024 that masquerade as seemingly benign utilities but incorporate covert functionality to exfiltrate data, receive commands, and execute arbitrary code.
"The actor creates websites that masquerade as legitimate services, productivity tools, ad and media creation or analysis
NATO-Flagged Vulnerability Tops Latest VMware Security Patch Batch
20 May 2025
VMware patches flaws that expose users to data leakage, command execution and denial-of-service attacks. No temporary workarounds available.
The post NATO-Flagged Vulnerability Tops Latest VMware Security Patch Batch appeared first on SecurityWeek.
Critical Software Vulnerabilities Rose 37% in 2024
20 May 2025
A recent software vulnerability report by Action1 found a 61% year-over-year surge in discovered software vulnerabilities and a 96% spike in exploited vulnerabilities throughout 2024.
South Asian Ministries Hit by SideWinder APT Using Old Office Flaws and Custom Malware
20 May 2025
High-level government institutions in Sri Lanka, Bangladesh, and Pakistan have emerged as the target of a new campaign orchestrated by a threat actor known as SideWinder.
"The attackers used spear phishing emails paired with geofenced payloads to ensure that only victims in specific countries received the malicious content," Acronis researchers Santiago Pontiroli, Jozsef Gegeny, and Prakas