Latest Cybersecurity News and Articles
24 April 2025
The threat actors behind the Darcula phishing-as-a-service (PhaaS) platform have released new updates to their cybercrime suite with generative artificial intelligence (GenAI) capabilities.
"This addition lowers the technical barrier for creating phishing pages, enabling less tech-savvy criminals to deploy customized scams in minutes," Netcraft said in a new report shared with The Hacker News.
"
24 April 2025
Combined with AI, polymorphic phishing emails have become highly sophisticated, creating more personalized and evasive messages that result in higher attack success rates.
The post AI-Powered Polymorphic Phishing Is Changing the Threat Landscape appeared first on SecurityWeek.
24 April 2025
The Evolving Healthcare Cybersecurity Landscape
Healthcare organizations face unprecedented cybersecurity challenges in 2025. With operational technology (OT) environments increasingly targeted and the convergence of IT and medical systems creating an expanded attack surface, traditional security approaches are proving inadequate. According to recent statistics, the healthcare sector
24 April 2025
The FBI received roughly 860,000 complaints of malicious activity in 2024, with reported losses exceeding $16.6 billion.
The post FBI: Cybercrime Losses Surpassed $16.6 Billion in 2024 appeared first on SecurityWeek.
24 April 2025
A critical security flaw has been disclosed in the Commvault Command Center that could allow arbitrary code execution on affected installations.
The vulnerability, tracked as CVE-2025-34028, carries a CVSS score of 9.0 out of a maximum of 10.0.
"A critical security vulnerability has been identified in the Command Center installation, allowing remote attackers to execute arbitrary code without
24 April 2025
Blue Shield of California says a website misconfiguration exposed the health information of its members to Google.
The post Blue Shield of California Data Breach Impacts 4.7 Million People appeared first on SecurityWeek.
24 April 2025
Cisco is investigating the impact of the Erlang/OTP remote code execution vulnerability CVE-2025-32433 on its products.
The post Cisco Confirms Some Products Impacted by Critical Erlang/OTP Flaw appeared first on SecurityWeek.
24 April 2025
Yale New Haven Health System recently discovered that the personal information of millions of patients was stolen from its systems.
The post 5.5 Million Patients Affected by Data Breach at Yale New Haven Health appeared first on SecurityWeek.
24 April 2025
WhatsApp has introduced an extra layer of privacy called Advanced Chat Privacy that allows users to block participants from sharing the contents of a conversation in traditional chats and groups.
"This new setting available in both chats and groups helps prevent others from taking content outside of WhatsApp for when you may want extra privacy," WhatsApp said in a statement.
The optional feature
23 April 2025
A whistleblower at the National Labor Relations Board (NLRB) alleged last week that denizens of Elon Musk's Department of Government Efficiency (DOGE) siphoned gigabytes of data from the agency's sensitive case files in early March. The whistleblower said accounts created for DOGE at the NLRB downloaded three code repositories from GitHub. Further investigation into one of those code bundles shows it is remarkably similar to a program published in January 2025 by Marko Elez, a 25-year-old DOGE employee who has worked at a number of Musk's companies.
23 April 2025
Multiple threat activity clusters with ties to North Korea (aka Democratic People's Republic of Korea or DPRK) have been linked to attacks targeting organizations and individuals in the Web3 and cryptocurrency space.
"The focus on Web3 and cryptocurrency appears to be primarily financially motivated due to the heavy sanctions that have been placed on North Korea," Google-owned Mandiant said in
23 April 2025
Identity protection startup AuthMind has announced raising $19.3 million in a seed funding round led by Cheyenne Ventures.
The post AuthMind Raises $19.3 Million in Seed Funding appeared first on SecurityWeek.
23 April 2025
Research reveals mass scanning and exploitation campaigns associated with Proton66.
23 April 2025
Desired Effect provides an ethical vulnerability exchange marketplace to help defenders get ahead of attackers.
The post Ethical Zero Day Marketplace Desired Effect Emerges From Stealth appeared first on SecurityWeek.
23 April 2025
Endor Labs has raised $93 million in a Series B funding round and announced a major expansion of its AppSec platform.
The post Endor Labs Raises $93 Million for AppSec Platform appeared first on SecurityWeek.
23 April 2025
The cash infusion brings Chainguard’s total funding to about $612 million since launching in 2021 and prices the company at $3.5 billion.
The post Chainguard Raises Hefty $356M Series D at $3.5 Billion Valuation appeared first on SecurityWeek.
23 April 2025
The Iran-nexus threat actor known as UNC2428 has been observed delivering a backdoor known as MURKYTOUR as part of a job-themed social engineering campaign aimed at Israel in October 2024.
Google-owned Mandiant described UNC2428 as a threat actor aligned with Iran that engages in cyber espionage-related operations. The intrusion set is said to have distributed the malware through a "complex
23 April 2025
A recent report by KnowBe4 found that the energy sector has faced a rising number of cyberattacks and other threats, specifically within Europe.
23 April 2025
A security researcher has discovered hundreds of leaked secrets by restoring files deleted from GitHub repositories.
The post Files Deleted From GitHub Repos Leak Valuable Secrets appeared first on SecurityWeek.
23 April 2025
Cybersecurity researchers have revealed that Russian military personnel are the target of a new malicious campaign that distributes Android spyware under the guise of the Alpine Quest mapping software.
"The attackers hide this trojan inside modified Alpine Quest mapping software and distribute it in various ways, including through one of the Russian Android app catalogs," Doctor Web said in an