Latest Cybersecurity News and Articles
20 May 2025
Cybersecurity researchers have discovered risky default identity and access management (IAM) roles impacting Amazon Web Services that could open the door for attackers to escalate privileges, manipulate other AWS services, and, in some cases, even fully compromise AWS accounts.
"These roles, often created automatically or recommended during setup, grant overly broad permissions, such as full S3
20 May 2025
The Likely Exploited Vulnerabilities (LEV) equations can help augment KEV- and EPSS-based remediation prioritization.
The post Vulnerability Exploitation Probability Metric Proposed by NIST, CISA Researchers appeared first on SecurityWeek.
20 May 2025
SecurityWeek’s 2025 Threat Detection & Incident Response (TDIR) Summit takes place as a virtual summit on Wednesday, May 21st.
The post Event Preview: 2025 Threat Detection & Incident Response (Virtual) Summit appeared first on SecurityWeek.
20 May 2025
AI-native security assurance firm TrustCloud has raised $15 million in a strategic funding round led by ServiceNow Ventures.
The post TrustCloud Raises $15 Million for Security Assurance Platform appeared first on SecurityWeek.
20 May 2025
In the newly released 2025 State of Pentesting Report, Pentera surveyed 500 CISOs from global enterprises (200 from within the USA) to understand the strategies, tactics, and tools they use to cope with the thousands of security alerts, the persisting breaches and the growing cyber risks they have to handle. The findings reveal a complex picture of progress, challenges, and a shifting mindset
20 May 2025
Threat protection and intelligence firm CloudSEK raises $19 million in funding from new and existing investors.
The post CloudSEK Raises $19 Million for Threat Intelligence Platform appeared first on SecurityWeek.
20 May 2025
A vulnerability in O2’s implementation of the IMS standard resulted in user location data being exposed in network responses.
The post O2 Service Vulnerability Exposed User Location appeared first on SecurityWeek.
20 May 2025
New CISA Deputy Director Madhu Gottumukkala has joined the agency from South Dakota’s Bureau of Information and Technology.
The post Madhu Gottumukkala Officially Announced as CISA Deputy Director appeared first on SecurityWeek.
20 May 2025
Threat hunters have exposed the tactics of a China-aligned threat actor called UnsolicitedBooker that targeted an unnamed international organization in Saudi Arabia with a previously undocumented backdoor dubbed MarsSnake.
ESET, which first discovered the hacking group's intrusions targeting the entity in March 2023 and again a year later, said the activity leverages spear-phishing emails using
20 May 2025
Cybersecurity researchers are calling attention to a new Linux cryptojacking campaign that's targeting publicly accessible Redis servers.
The malicious activity has been codenamed RedisRaider by Datadog Security Labs.
"RedisRaider aggressively scans randomized portions of the IPv4 space and uses legitimate Redis configuration commands to execute malicious cron jobs on vulnerable systems,"
20 May 2025
Cybersecurity researchers have uncovered malicious packages uploaded to the Python Package Index (PyPI) repository that act as checker tools to validate stolen email addresses against TikTok and Instagram APIs.
All three packages are no longer available on PyPI. The names of the Python packages are below -
checker-SaGaF (2,605 downloads)
steinlurks (1,049 downloads)
sinnercore (3,300 downloads)
19 May 2025
San Francisco incident response coordination startup banks $15 million in a Series A funding round led by Ballistic Ventures.
The post BreachRx Lands $15 Million as Investors Bet on Breach-Workflow Software appeared first on SecurityWeek.
19 May 2025
Procolored’s public website served dozens of software downloads containing information stealer malware and a backdoor.
The post Printer Company Procolored Served Infected Software for Months appeared first on SecurityWeek.
19 May 2025
Phishing threats are evolving at a pace that many security teams struggle to meet.
19 May 2025
The official site for RVTools has been hacked to serve a compromised installer for the popular VMware environment reporting utility.
"Robware.net and RVTools.com are currently offline. We are working expeditiously to restore service and appreciate your patience," the company said in a statement posted on its website.
"Robware.net and RVTools.com are the only authorized and supported websites for
19 May 2025
Several ransomware actors are using a malware called Skitnet as part of their post-exploitation efforts to steal sensitive data and establish remote control over compromised hosts.
"Skitnet has been sold on underground forums like RAMP since April 2024," Swiss cybersecurity company PRODAFT told The Hacker News. "However, since early 2025, we have observed multiple ransomware operators using it
19 May 2025
The UK’s Legal Aid Agency was targeted in a cyberattack in April and it recently determined that hackers have stolen sensitive data.
The post UK Legal Aid Agency Finds Data Breach Following Cyberattack appeared first on SecurityWeek.
19 May 2025
Security leaders share their thoughts on the new EU vulnerability database.
19 May 2025
Serviceaide exposed a database containing personal and medical information belonging to Catholic Health patients.
The post 480,000 Catholic Health Patients Impacted by Serviceaide Data Leak appeared first on SecurityWeek.
19 May 2025
Continuous Threat Exposure Management (CTEM) has moved from concept to cornerstone, solidifying its role as a strategic enabler for CISOs. No longer a theoretical framework, CTEM now anchors today’s cybersecurity programs by continuously aligning security efforts with real-world risk.
At the heart of CTEM is the integration of Adversarial Exposure Validation (AEV), an advanced, offensive