Latest Cybersecurity News and Articles
01 May 2025
For over a decade, application security teams have faced a brutal irony: the more advanced the detection tools became, the less useful their results proved to be. As alerts from static analysis tools, scanners, and CVE databases surged, the promise of better security grew more distant. In its place, a new reality took hold—one defined by alert fatigue and overwhelmed teams.
According to OX
01 May 2025
Russian companies have been targeted as part of a large-scale phishing campaign that's designed to deliver a known malware called DarkWatchman.
Targets of the attacks include entities in the media, tourism, finance and insurance, manufacturing, retail, energy, telecom, transport, and biotechnology sectors, Russian cybersecurity company F6 said.
The activity is assessed to be the work of a
01 May 2025
Ascension is notifying over 100,000 people that their personal information was stolen in a data breach potentially linked to the Cleo hack.
The post Ascension Discloses Data Breach Potentially Linked to Cleo Hack appeared first on SecurityWeek.
01 May 2025
SentinelOne has shared some information on the types of threat actors that have targeted the security firm recently.
The post SentinelOne Targeted by North Korean IT Workers, Ransomware Groups, Chinese Hackers appeared first on SecurityWeek.
01 May 2025
Enterprise data backup platform Commvault has revealed that an unknown nation-state threat actor breached its Microsoft Azure environment by exploiting CVE-2025-3928 but emphasized there is no evidence of unauthorized data access.
"This activity has affected a small number of customers we have in common with Microsoft, and we are working with those customers to provide assistance," the company
01 May 2025
SonicWall has revealed that two now-patched security flaws impacting its SMA100 Secure Mobile Access (SMA) appliances have been exploited in the wild.
The vulnerabilities in question are listed below -
CVE-2023-44221 (CVSS score: 7.2) - Improper neutralization of special elements in the SMA100 SSL-VPN management interface allows a remote authenticated attacker with administrative privilege to
01 May 2025
This World Password Day, cybersecurity leaders are reflecting on how far passwords have come, and how much farther they have to go.
30 April 2025
A 23-year-old Scottish man thought to be a member of the prolific Scattered Spider cybercrime group was extradited last week from Spain to the United States, where he is facing charges of wire fraud, conspiracy and identity theft. U.S. prosecutors allege Tyler Robert Buchanan and co-conspirators hacked into dozens of companies in the United States and abroad, and that he personally controlled more than $26 million stolen from victims.
30 April 2025
As the field of artificial intelligence (AI) continues to evolve at a rapid pace, new research has found how techniques that render the Model Context Protocol (MCP) susceptible to prompt injection attacks could be used to develop security tooling or identify malicious tools, according to a new report from Tenable.
MCP, launched by Anthropic in November 2024, is a framework designed to connect
30 April 2025
The OpenEoX model proposes a shared data format that can be integrated into SBOMs, security advisories, and other ecosystem tools.
The post Tech Giants Propose Standard For End-of-Life Security Disclosures appeared first on SecurityWeek.
30 April 2025
New data notes an increase in cybersecurity concern among tech executives.
30 April 2025
Hundreds of companies are showcasing their products and services this week at the 2025 edition of the RSA Conference in San Francisco.
The post RSA Conference 2025 Announcement Summary (Day 2) appeared first on SecurityWeek.
30 April 2025
How Many Gaps Are Hiding in Your Identity System? It’s not just about logins anymore.
Today’s attackers don’t need to “hack” in—they can trick their way in. Deepfakes, impersonation scams, and AI-powered social engineering are helping them bypass traditional defenses and slip through unnoticed. Once inside, they can take over accounts, move laterally, and cause long-term damage—all without
30 April 2025
A China-aligned advanced persistent threat (APT) group called TheWizards has been linked to a lateral movement tool called Spellbinder that can facilitate adversary-in-the-middle (AitM) attacks.
"Spellbinder enables adversary-in-the-middle (AitM) attacks, through IPv6 stateless address autoconfiguration (SLAAC) spoofing, to move laterally in the compromised network, intercepting packets and
30 April 2025
Meta has released new Llama protection tools to help the open source AI community build more secure applications.
The post Meta Releases Llama AI Open Source Protection Tools appeared first on SecurityWeek.
30 April 2025
Everyone has cybersecurity stories involving family members. Here’s a relatively common one. The conversation usually goes something like this:
“The strangest thing happened to my streaming account. I got locked out of my account, so I had to change my password. When I logged back in, all my shows were gone. Everything was in Spanish and there were all these Spanish shows I’ve never seen
30 April 2025
Cybersecurity researchers have shed light on a Russian-speaking cyber espionage group called Nebulous Mantis that has deployed a remote access trojan called RomCom RAT since mid-2022.
RomCom "employs advanced evasion techniques, including living-off-the-land (LOTL) tactics and encrypted command and control (C2) communications, while continuously evolving its infrastructure – leveraging
30 April 2025
Cybersecurity researchers have revealed that RansomHub's online infrastructure has "inexplicably" gone offline as of April 1, 2025, prompting concerns among affiliates of the ransomware-as-a-service (RaaS) operation.
Singaporean cybersecurity company Group-IB said that this may have caused affiliates to migrate to Qilin, given that "disclosures on its DLS [data leak site] have doubled since
30 April 2025
France says the Russian state-sponsored group APT28 is responsible for targeting or compromising a dozen French entities.
The post France Blames Russia for Cyberattacks on Dozen Entities appeared first on SecurityWeek.
30 April 2025
Vulnerabilities in Apple’s AirPlay protocol could have allowed attackers to execute code remotely without user interaction.
The post AirPlay Vulnerabilities Expose Apple Devices to Zero-Click Takeover appeared first on SecurityWeek.