Latest Cybersecurity News and Articles
12 August 2025
Research suggests that when systems collapse, it is most likely due to a preventable error rather than an unpredictable event.
12 August 2025
Rapid7’s analysis of dark web forums reveals a thriving market where elite hackers sell corporate network access to buyers, turning cybercrime into a streamlined business.
The post Inside the Dark Web’s Access Economy: How Hackers Sell the Keys to Enterprise Networks appeared first on SecurityWeek.
12 August 2025
A previously undocumented threat actor dubbed Curly COMrades has been observed targeting entities in Georgia and Moldova as part of a cyber espionage campaign designed to facilitate long-term access to target networks.
"They repeatedly tried to extract the NTDS database from domain controllers -- the primary repository for user password hashes and authentication data in a Windows network,"
12 August 2025
1Kosmos has raised $57 million in Series B funding, which brings the total raised by the company to $72 million.
The post 1Kosmos Raises $57 Million for Identity Verification and Authentication Platform appeared first on SecurityWeek.
12 August 2025
Taking place August 12-13, CodeSecCon is the premier virtual event bringing together developers and cybersecurity professionals to revolutionize the way applications are built, secured, and maintained.
The post CodeSecCon Is Today: Where Software Security’s Next Chapter Unfolds (Virtual Event) appeared first on SecurityWeek.
12 August 2025
Researchers have discovered an increase in traffic to generative AI websites.
12 August 2025
SAP has released 15 new security notes on the August 2025 Patch Tuesday, including for critical vulnerabilities.
The post SAP Patches Critical S/4HANA Vulnerability appeared first on SecurityWeek.
12 August 2025
Most security tools can’t see what happens inside the browser, but that’s where the majority of work, and risk, now lives. Security leaders deciding how to close that gap often face a choice: deploy a dedicated Enterprise Browser or add an enterprise-grade control layer to the browsers employees already use and trust.
The Ultimate Battle: Enterprise Browsers vs. Enterprise Browser Extensions
12 August 2025
The recently patched Erlang/OTP flaw CVE-2025-32433 has been exploited since early May, shortly after its existence came to light.
The post OT Networks Targeted in Widespread Exploitation of Erlang/OTP Vulnerability appeared first on SecurityWeek.
12 August 2025
The Dutch National Cyber Security Centre (NCSC-NL) has warned of cyber attacks exploiting a recently disclosed critical security flaw impacting Citrix NetScaler ADC products to breach organizations in the country.
The NCSC-NL said it discovered the exploitation of CVE-2025-6543 targeting several critical organizations within the Netherlands, and that investigations are ongoing to determine the
12 August 2025
Cyber budgets have reached the lowest growth rate in five years, with only 47% of CISOs reporting a budget increase this year.
11 August 2025
Cybersecurity researchers have discovered a fresh set of security issues in the Terrestrial Trunked Radio (TETRA) communications protocol, including in its proprietary end-to-end encryption (E2EE) mechanism that exposes the system to replay and brute-force attacks, and even decrypt encrypted traffic.
Details of the vulnerabilities – dubbed 2TETRA:2BURST – were presented at the Black Hat USA
11 August 2025
Malicious actors have been observed exploiting a now-patched critical security flaw impacting Erlang/Open Telecom Platform (OTP) SSH as early as beginning of May 2025, with about 70% of detections originating from firewalls protecting operational technology (OT) networks.
The vulnerability in question is CVE-2025-32433 (CVSS score: 10.0), a missing authentication issue that could be abused by an
11 August 2025
A researcher has been given the highest reward in Google’s Chrome bug bounty program for a sandbox escape with remote code execution.
The post Chrome Sandbox Escape Earns Researcher $250,000 appeared first on SecurityWeek.
11 August 2025
New physics-based research suggests large language models could predict when their own answers are about to go wrong — a potential game changer for trust, risk, and security in AI-driven systems.
The post Managing the Trust-Risk Equation in AI: Predicting Hallucinations Before They Strike appeared first on SecurityWeek.
11 August 2025
The U.K. data watchdog warns that sharing images of shoplifters online or in store windows may violate their rights under GDPR laws.
11 August 2025
Hackers targeted Connex, one of the largest credit unions in Connecticut, and likely stole files containing personal information.
The post Connex Credit Union Data Breach Impacts 172,000 People appeared first on SecurityWeek.
11 August 2025
This week, cyber attackers are moving quickly, and businesses need to stay alert. They’re finding new weaknesses in popular software and coming up with clever ways to get around security. Even one unpatched flaw could let attackers in, leading to data theft or even taking control of your systems. The clock is ticking—if defenses aren’t updated regularly, it could lead to serious damage. The
11 August 2025
A researcher has demonstrated how a platform used by over 1,000 dealerships in the US could have been used to hack cars.
The post Flaws in Major Automaker’s Dealership Systems Allowed Car Hacking, Personal Data Theft appeared first on SecurityWeek.
11 August 2025
The Evolution of Exposure Management
Most security teams have a good sense of what’s critical in their environment. What’s harder to pin down is what’s business-critical. These are the assets that support the processes the business can’t function without. They’re not always the loudest or most exposed. They’re the ones tied to revenue, operations, and delivery. If one goes down, it’s more than a