Stay Updated with the Latest Tech News


Get ahead of the curve with the latest insights, trends, and analysis in the tech world.


Browse by Category

Printer Security Gaps: A Broad, Leafy Avenue to Compromise

Security teams aren't patching firmware promptly, no one's vetting the endpoints before purchase, and visibility into potential dangers is limited β€” despite more and more cyberattackers targeting printers as a matter of course.

Published on: July 17, 2025 | Source: Dark Reading favicon Dark Reading

Armenian Extradited to US Over Ryuk Ransomware

The suspect faces three charges for his alleged crimes that could earn him up to five years in federal prison, and a heap of fines.

Published on: July 17, 2025 | Source: Dark Reading favicon Dark Reading

Hackers Use GitHub Repositories to Host Amadey Malware and Data Stealers, Bypassing Filters

Threat actors are leveraging public GitHub repositories to host malicious payloads and distribute them via Amadey as part of a campaign observed in April 2025. "The MaaS [malware-as-a-service] operators used fake GitHub accounts to host payloads, tools, and Amadey plug-ins, likely as an attempt to bypass web filtering and for ease of use," Cisco Talos researchers Chris Neal and Craig Jackson

Published on: July 17, 2025 | Source: The Hacker News favicon The Hacker News

Watch on Demand: Cloud & Data Security Summit – Tackling Exposed Attack Surfaces in the Cloud

Virtual event brings together leading experts, practitioners, and innovators for a full day of insightful discussions and tactical guidance on evolving threats and real-world defense strategies in cloud security. The post Watch on Demand: Cloud & Data Security Summit – Tackling Exposed Attack Surfaces in the Cloud appeared first on SecurityWeek.

Published on: July 17, 2025 | Source: SecurityWeek favicon SecurityWeek

Hackers Exploit Apache HTTP Server Flaw to Deploy Linuxsys Cryptocurrency Miner

Cybersecurity researchers have discovered a new campaign that exploits a known security flaw impacting Apache HTTP Server to deliver a cryptocurrency miner called Linuxsys. The vulnerability in question is CVE-2021-41773 (CVSS score: 7.5), a high-severity path traversal vulnerability in Apache HTTP Server version 2.4.49 that could result in remote code execution. "The attacker leverages

Published on: July 17, 2025 | Source: The Hacker News favicon The Hacker News

Why Cybersecurity Still Matters for America's Schools

Cyberattacks on educational institutions are growing. But with budget constraints and funding shortfalls, leadership teams are questioning whether β€” and how β€” they can keep their institutions safe.

Published on: July 17, 2025 | Source: Dark Reading favicon Dark Reading

Empirical Security Raises $12 Million for AI-Driven Vulnerability Management

Cybersecurity startup Empirical Security has raised $12 million in seed funding for its vulnerability management platform. The post Empirical Security Raises $12 Million for AI-Driven Vulnerability Management appeared first on SecurityWeek.

Published on: July 17, 2025 | Source: SecurityWeek favicon SecurityWeek

China-Backed Salt Typhoon Hacks US National Guard for Nearly a Year

Between March and December of last year, infamous Chinese state-sponsored APT Salt Typhoon gained access to sensitive US National Guard data.

Published on: July 17, 2025 | Source: Dark Reading favicon Dark Reading

Armenian Man Extradited to US Over Ryuk Ransomware Attacks

Karen Serobovich Vardanyan pleaded not guilty to charges related to his alleged role in the Ryuk ransomware operation. The post Armenian Man Extradited to US Over Ryuk Ransomware Attacks appeared first on SecurityWeek.

Published on: July 17, 2025 | Source: SecurityWeek favicon SecurityWeek

Mobile Forensics Tool Used by Chinese Law Enforcement Dissected

Deployed on mobile devices confiscated by Chinese law enforcement, Massistant can collect user information, files, and location. The post Mobile Forensics Tool Used by Chinese Law Enforcement Dissected appeared first on SecurityWeek.

Published on: July 17, 2025 | Source: SecurityWeek favicon SecurityWeek

Europol Disrupts NoName057(16) Hacktivist Group Linked to DDoS Attacks Against Ukraine

An international operation coordinated by Europol has disrupted the infrastructure of a pro-Russian hacktivist group known as NoName057(16) that has been linked to a string of distributed denial-of-service (DDoS) attacks against Ukraine and its allies. The actions have led to the dismantling of a major part of the group's central server infrastructure and more than 100 systems across the world.

Published on: July 17, 2025 | Source: The Hacker News favicon The Hacker News

Security Vulnerabilities in ICEBlock

The ICEBlock tool has vulnerabilities: The developer of ICEBlock, an iOS app for anonymously reporting sightings of US Immigration and Customs Enforcement (ICE) officials, promises that it β€œensures user privacy by storing no personal data.” But that claim has come under scrutiny. ICEBlock creator Joshua Aaron has been accused of making false promises regarding user anonymity and privacy, being β€œmisguided” about the...

Published on: July 17, 2025 | Source: Schneier on Security favicon Schneier on Security

CTEM vs ASM vs Vulnerability Management: What Security Leaders Need to Know in 2025

The modern-day threat landscape requires enterprise security teams to think and act beyond traditional cybersecurity measures that are purely passive and reactive, and in most cases, ineffective against emerging threats and sophisticated threat actors. Prioritizing cybersecurity means implementing more proactive, adaptive, and actionable measures that can work together to effectively address the

Published on: July 17, 2025 | Source: The Hacker News favicon The Hacker News

Trial Opens Against Meta CEO Mark Zuckerberg and Other Leaders Over Facebook Privacy Violations

An $8 billion class action investors’ lawsuit against Meta stemming from the 2018 privacy scandal involving the Cambridge Analytica political consulting firm. The post Trial Opens Against Meta CEO Mark Zuckerberg and Other Leaders Over Facebook Privacy Violations appeared first on SecurityWeek.

Published on: July 17, 2025 | Source: SecurityWeek favicon SecurityWeek

VMware Flaws That Earned Hackers $340,000 at Pwn2Own Patched

Four CVEs disclosed at the Pwn2Own Berlin 2025 hacking competition have been patched in VMware products. The post VMware Flaws That Earned Hackers $340,000 at Pwn2Own Patched appeared first on SecurityWeek.

Published on: July 17, 2025 | Source: SecurityWeek favicon SecurityWeek

Cisco Patches Another Critical ISE Vulnerability

Cisco has released patches for multiple vulnerabilities, including a critical flaw in Cisco ISE that leads to remote code execution (RCE). The post Cisco Patches Another Critical ISE Vulnerability appeared first on SecurityWeek.

Published on: July 17, 2025 | Source: SecurityWeek favicon SecurityWeek

Chinese Hackers Target Taiwan's Semiconductor Sector with Cobalt Strike, Custom Backdoors

The Taiwanese semiconductor industry has become the target of spear-phishing campaigns undertaken by three previously undocumented Chinese state-sponsored threat actors. "Targets of these campaigns ranged from organizations involved in the manufacturing, design, and testing of semiconductors and integrated circuits, wider equipment and services supply chain entities within this sector, as well

Published on: July 17, 2025 | Source: The Hacker News favicon The Hacker News

Cisco Warns of Critical ISE Flaw Allowing Unauthenticated Attackers to Execute Root Code

Cisco has disclosed a new maximum-severity security vulnerability impacting Identity Services Engine (ISE) and Cisco ISE Passive Identity Connector (ISE-PIC) that could permit an attacker to execute arbitrary code on the underlying operating system with elevated privileges. Tracked as CVE-2025-20337, the shortcoming carries a CVSS score of 10.0 and is similar to CVE-2025-20281, which was patched

Published on: July 17, 2025 | Source: The Hacker News favicon The Hacker News

Cambodia Makes 1,000 Arrests in Latest Crackdown on Cybercrime

More than 1,000 suspects were arrested in raids in at least five provinces between Monday and Wednesday, according to Information Minister Neth Pheaktra and police. The post Cambodia Makes 1,000 Arrests in Latest Crackdown on Cybercrime appeared first on SecurityWeek.

Published on: July 17, 2025 | Source: SecurityWeek favicon SecurityWeek

AI Driving the Adoption of Confidential Computing

After years of hanging out in the wild, confidential computing is getting closer to an AI model near you.

Published on: July 16, 2025 | Source: Dark Reading favicon Dark Reading

Oracle Fixes Critical Bug in Cloud Code Editor

The bug allowed an attacker an easy way to compromise a full suite of developer tools in Oracle Cloud Infrastructure.

Published on: July 16, 2025 | Source: Dark Reading favicon Dark Reading

ISC2 Finds Orgs Are Increasingly Leaning on AI

While many organizations are eagerly integrating AI into their workflows and cybersecurity practices, some remain undecided and even concerned about potential drawbacks of AI deployment.

Published on: July 16, 2025 | Source: Dark Reading favicon Dark Reading

House hearing will use Stuxnet to search for novel ways to confront OT cyberthreats

The House Homeland Committee will revisit the malware to use the knowledge from the spy effort to explore the domestic threats facing the U.S. in 2025. The post House hearing will use Stuxnet to search for novel ways to confront OT cyberthreats appeared first on CyberScoop.

Published on: July 16, 2025 | Source: CyberScoop favicon CyberScoop

Elite 'Matanbuchus 3.0' Loader Spruces Up Ransomware Infections

An upgraded cybercrime tool is designed to make targeted ransomware attacks as easy and effective as possible, with features like EDR-spotting and DNS-based C2 communication.

Published on: July 16, 2025 | Source: Dark Reading favicon Dark Reading

Women Who 'Hacked the Status Quo' Aim to Inspire Cybersecurity Careers

A group of female cybersecurity pioneers will share what they've learned about navigating a field dominated by men, in order to help other women empower themselves and pursue successful cybersecurity careers.

Published on: July 16, 2025 | Source: Dark Reading favicon Dark Reading

SonicWall customers hit by fresh, ongoing attacks targeting fully patched SMA 100 devices

Google Threat Intelligence Group said a financially motivated threat group is abusing the outdated remote access VPN devices, underscoring a continued pattern of threats confronting SonicWall customers. The post SonicWall customers hit by fresh, ongoing attacks targeting fully patched SMA 100 devices appeared first on CyberScoop.

Published on: July 16, 2025 | Source: CyberScoop favicon CyberScoop

Hackers Leverage Microsoft Teams to Spread Matanbuchus 3.0 Malware to Targeted Firms

Cybersecurity researchers have flagged a new variant of a known malware loader called Matanbuchus that packs in significant features to enhance its stealth and evade detection. Matanbuchus is the name given to a malware-as-a-service (MaaS) offering that can act as a conduit for next-stage payloads, including Cobalt Strike beacons and ransomware. First advertised in February 2021 on

Published on: July 16, 2025 | Source: The Hacker News favicon The Hacker News

Europol-Coordinated Global Operation Takes Down Pro-Russian Cybercrime Network

Codenamed Eastwood, the operation targeted the so-called NoName057(16) group, which was identified as being behind a series of DDoS attacks on municipalities and organizations linked to a NATO summit. The post Europol-Coordinated Global Operation Takes Down Pro-Russian Cybercrime Network appeared first on SecurityWeek.

Published on: July 16, 2025 | Source: SecurityWeek favicon SecurityWeek

Fully Patched SonicWall Gear Under Likely Zero-Day Attack

A threat actor with likely links to the Abyss ransomware group is leveraging an apparent zero-day vulnerability to deploy the "Overstep" backdoor on fully up-to-date appliances.

Published on: July 16, 2025 | Source: Dark Reading favicon Dark Reading

Hacking Trains

Seems like an old system system that predates any care about security: The flaw has to do with the protocol used in a train system known as the End-of-Train and Head-of-Train. A Flashing Rear End Device (FRED), also known as an End-of-Train (EOT) device, is attached to the back of a train and sends data via radio signals to a corresponding device in the locomotive called the Head-of-Train (HOT). Commands can also be...

Published on: July 16, 2025 | Source: Schneier on Security favicon Schneier on Security

Senate Democrats seek answers on Trump overhaul of immigrant database to find noncitizen voters

The lawmakers say the potential is high for such a system to return false positives, blocking citizens from voting. The post Senate Democrats seek answers on Trump overhaul of immigrant database to find noncitizen voters appeared first on CyberScoop.

Published on: July 16, 2025 | Source: CyberScoop favicon CyberScoop

Pro-Russian DDoS group NoName057(16) disrupted by international law enforcement operation

Over a dozen law enforcement agencies took action earlier this week, resulting in multiple arrests. The post Pro-Russian DDoS group NoName057(16) disrupted by international law enforcement operation appeared first on CyberScoop.

Published on: July 16, 2025 | Source: CyberScoop favicon CyberScoop

United Natural Foods Projects Up to $400M Sales Hit from June Cyberattack

Cyberattack disrupted UNFI’s operations in June; company estimates $50–$60 million net income hit but anticipates insurance will cover most losses. The post United Natural Foods Projects Up to $400M Sales Hit from June Cyberattack appeared first on SecurityWeek.

Published on: July 16, 2025 | Source: SecurityWeek favicon SecurityWeek

SonicWall SMA Appliances Targeted With New β€˜Overstep’ Malware

A threat actor that may be financially motivated is targeting SonicWall devices with a backdoor and user-mode rootkit. The post SonicWall SMA Appliances Targeted With New β€˜Overstep’ Malware appeared first on SecurityWeek.

Published on: July 16, 2025 | Source: SecurityWeek favicon SecurityWeek