Latest Cybersecurity News and Articles
29 August 2025
Click Studios, the developer of enterprise-focused password management solution Passwordstate, said it has released security updates to address an authentication bypass vulnerability in its software.
The issue, which is yet to be assigned a CVE identifier, has been addressed in Passwordstate 9.9 (Build 9972), released August 28, 2025.
The Australian company said it fixed a "potential
29 August 2025
The Sangoma FreePBX Security Team has issued an advisory warning about an actively exploited FreePBX zero-day vulnerability that impacts systems with an administrator control panel (ACP) exposed to the public internet.
FreePBX is an open-source private branch exchange (PBX) platform widely used by businesses, call centers, and service providers to manage voice communications. It's built on top
29 August 2025
Authorities from the Netherlands and the United States have announced the dismantling of an illicit marketplace called VerifTools that peddled fraudulent identity documents to cybercriminals across the world.
To that end, two marketplace domains (verif[.]tools and veriftools[.]net) and one blog have been taken down, redirecting site visitors to a splash page stating the action was undertaken by
29 August 2025
Google has revealed that the recent wave of attacks targeting Salesforce instances via Salesloft Drift is much broader in scope than previously thought, stating it impacts all integrations.
"We now advise all Salesloft Drift customers to treat any and all authentication tokens stored in or connected to the Drift platform as potentially compromised," Google Threat Intelligence Group (GTIG) and
29 August 2025
A new report explores consumer attitudes and awareness surrounding online identity, fraud risks and consumer data protection.
29 August 2025
Cybersecurity researchers have discovered a cybercrime campaign that's using malvertising tricks to direct victims to fraudulent sites to deliver a new information stealer called TamperedChef.
"The objective is to lure victims into downloading and installing a trojanized PDF editor, which includes an information-stealing malware dubbed TamperedChef," Truesec researchers Mattias Wåhlén, Nicklas
28 August 2025
Last month, KrebsOnSecurity tracked the sudden emergence of hundreds of polished online gaming and wagering websites that lure people with free credits and eventually abscond with any cryptocurrency funds deposited by players. We've since learned that these scam gambling sites have proliferated thanks to a new Russian affiliate program called "Gambler Panel" that bills itself as a "soulless project that is made for profit."
28 August 2025
Cybersecurity researchers have discovered a loophole in the Visual Studio Code Marketplace that allows threat actors to reuse names of previously removed extensions.
Software supply chain security outfit ReversingLabs said it made the discovery after it identified a malicious extension named "ahbanC.shiba" that functioned similarly to two other extensions – ahban.shiba and ahban.cychelloworld –
28 August 2025
As cyberattacks become more sophisticated and frequent, CISOs express concern about their organization’s defensive abilities.
28 August 2025
The China-linked advanced persistent threat (APT) actor known as Salt Typhoon has continued its attacks targeting networks across the world, including organizations in the telecommunications, government, transportation, lodging, and military infrastructure sectors.
"While these actors focus on large backbone routers of major telecommunications providers, as well as provider edge (PE) and
28 August 2025
China-linked APT ‘Salt Typhoon’ exploited known router flaws to maintain persistent access across telecom, government, and military networks, giving Beijing’s intelligence services global surveillance reach.
The post China’s Salt Typhoon Hacked Critical Infrastructure Globally for Years appeared first on SecurityWeek.
28 August 2025
CrowdStrike says the acquisition will bring valuable technology to enhance its Falcon Next-Gen SIEM.
The post CrowdStrike to Acquire Onum to Fuel Falcon Next-Gen SIEM With Real-Time Telemetry appeared first on SecurityWeek.
28 August 2025
Approximately 1.1 million customers have been impacted by the Farmers Insurance data breach.
28 August 2025
Picture this: Your team rolls out some new code, thinking everything's fine. But hidden in there is a tiny flaw that explodes into a huge problem once it hits the cloud. Next thing you know, hackers are in, and your company is dealing with a mess that costs millions.
Scary, right? In 2025, the average data breach hits businesses with a whopping $4.44 million bill globally. And guess what? A big
28 August 2025
Join this live discussion to learn how organizations can strengthen ransomware defenses while staying ahead of tightening compliance requirements.
The post Webinar Today: Ransomware Defense That Meets Evolving Compliance Mandates appeared first on SecurityWeek.
28 August 2025
Every day, businesses, teams, and project managers trust platforms like Trello, Asana, etc., to collaborate and manage tasks. But what happens when that trust is broken? According to a recent report by Statista, the average cost of a data breach worldwide was about $4.88 million. Also, in 2024, the private data of over 15 million Trello user profiles was shared on a popular hacker forum. Yet,
28 August 2025
With more than 4 million weekly downloads, the Nx build platform became the first known supply chain breach where hackers weaponized AI assistants for data theft.
The post Hackers Target Popular Nx Build System in First AI-Weaponized Supply Chain Attack appeared first on SecurityWeek.
28 August 2025
The maintainers of the nx build system have alerted users to a supply chain attack that allowed attackers to publish malicious versions of the popular npm package and other auxiliary plugins with data-gathering capabilities.
"Malicious versions of the nx package, as well as some supporting plugin packages, were published to npm, containing code that scans the file system, collects credentials,
28 August 2025
The U.S. Department of the Treasury's Office of Foreign Assets Control (OFAC) announced a fresh round of sanctions against two individuals and two entities for their role in the North Korean remote information technology (IT) worker scheme to generate illicit revenue for the regime's weapons of mass destruction and ballistic missile programs.
"The North Korean regime continues to target American
27 August 2025
The financially motivated threat actor known as Storm-0501 has been observed refining its tactics to conduct data exfiltration and extortion attacks targeting cloud environments.
"Unlike traditional on-premises ransomware, where the threat actor typically deploys malware to encrypt critical files across endpoints within the compromised network and then negotiates for a decryption key,