Latest Cybersecurity News and Articles
08 August 2025
A new documentary series about cybercrime airing next month on HBO Max features interviews with Yours Truly. The four-part series follows the exploits of Julius Kivimäki, a prolific Finnish hacker recently convicted of leaking tens of thousands of patient records from an online psychotherapy practice while attempting to extort the clinic and its patients.
08 August 2025
Researchers demonstrate how multi-turn “storytelling” attacks bypass prompt-level filters, exposing systemic weaknesses in GPT-5’s defenses.
The post Red Teams Jailbreak GPT-5 With Ease, Warn It’s ‘Nearly Unusable’ for Enterprise appeared first on SecurityWeek.
08 August 2025
Taking place August 12-13, CodeSecCon is the premier virtual event bringing together developers and cybersecurity professionals to revolutionize the way applications are built, secured, and maintained.
The post CodeSecCon 2025: Where Software Security’s Next Chapter Unfolds appeared first on SecurityWeek.
08 August 2025
Cybersecurity researchers are drawing attention to a new campaign that's using legitimate generative artificial intelligence (AI)-powered website building tools like DeepSite AI and BlackBox AI to create replica phishing pages mimicking Brazilian government agencies as part of a financially motivated campaign.
The activity involves the creation of lookalike sites imitating Brazil's State
08 August 2025
CISA has released a malware and forensic analysis platform.
08 August 2025
As attackers target help desks and identity systems, traditional security perimeters are proving insufficient against agile, socially-engineered threats.
The post Help Desk at Risk: Scattered Spider Shines Light on Overlook Threat Vector appeared first on SecurityWeek.
08 August 2025
On August 5, dialysis firm DaVita confirmed a data breach affecting over 900,000 individuals. The breach potentially exposed Social Security Numbers and personal health information.
08 August 2025
Noteworthy stories that might have slipped under the radar: federal court filing system hack, Chanel data breach, emergency CISA directive.
The post In Other News: Nvidia Says No to Backdoors, Satellite Hacking, Energy Sector Assessment appeared first on SecurityWeek.
08 August 2025
Many companies are showcasing their products and services this week at the 2025 edition of the Black Hat conference in Las Vegas.
The post Black Hat USA 2025 – Summary of Vendor Announcements (Part 4) appeared first on SecurityWeek.
08 August 2025
When an organization’s credentials are leaked, the immediate consequences are rarely visible—but the long-term impact is far-reaching. Far from the cloak-and-dagger tactics seen in fiction, many real-world cyber breaches begin with something deceptively simple: a username and password.
According to Verizon’s 2025 Data Breach Investigations Report, leaked credentials accounted for 22% of breaches
08 August 2025
A fresh set of 60 malicious packages has been uncovered targeting the RubyGems ecosystem by posing as seemingly innocuous automation tools for social media, blogging, or messaging services to steal credentials from unsuspecting users.
The activity is assessed to be active since at least March 2023, according to the software supply chain security company Socket. Cumulatively, the gems have been
08 August 2025
Columbia University has been targeted in a cyberattack where hackers stole the personal information of students, applicants, and employees.
The post Columbia University Data Breach Impacts 860,000 appeared first on SecurityWeek.
08 August 2025
Bouygues has been targeted in a cyberattack that resulted in the personal information of millions of customers getting compromised.
The post French Telecom Firm Bouygues Says Data Breach Affects 6.4M Customers appeared first on SecurityWeek.
08 August 2025
A newly discovered campaign dubbed GreedyBear has leveraged over 150 malicious extensions to the Firefox marketplace that are designed to impersonate popular cryptocurrency wallets and steal more than $1 million in digital assets.
The published browser add-ons masquerade as MetaMask, TronLink, Exodus, and Rabby Wallet, among others, Koi Security researcher Tuval Admoni said.
What makes the
07 August 2025
The threat actors behind the SocGholish malware have been observed leveraging Traffic Distribution Systems (TDSs) like Parrot TDS and Keitaro TDS to filter and redirect unsuspecting users to sketchy content.
"The core of their operation is a sophisticated Malware-as-a-Service (MaaS) model, where infected systems are sold as initial access points to other cybercriminal organizations," Silent Push
07 August 2025
SonicWall has been investigating reports about a zero-day potentially being exploited in ransomware attacks, but found no evidence of a new vulnerability.
The post SonicWall Says Recent Attacks Don’t Involve Zero-Day Vulnerability appeared first on SecurityWeek.
07 August 2025
Cybersecurity researchers have discovered a set of 11 malicious Go packages that are designed to download additional payloads from remote servers and execute them on both Windows and Linux systems.
"At runtime the code silently spawns a shell, pulls a second-stage payload from an interchangeable set of .icu and .tech command-and-control (C2) endpoints, and executes it in memory," Socket security
07 August 2025
Many companies are showcasing their products and services this week at the 2025 edition of the Black Hat conference in Las Vegas.
The post Black Hat USA 2025 – Summary of Vendor Announcements (Part 3) appeared first on SecurityWeek.
07 August 2025
Airlines Air France and KLM have disclosed a data breach stemming from unauthorized access to a third-party platform.
The post Air France, KLM Say Hackers Accessed Customer Data appeared first on SecurityWeek.
07 August 2025
CISA and Microsoft have issued advisories for CVE-2025-53786, a high-severity flaw allowing privilege escalation in cloud environments.
The post Organizations Warned of Vulnerability in Microsoft Exchange Hybrid Deployment appeared first on SecurityWeek.