Stay Updated with the Latest Tech News
Get ahead of the curve with the latest insights, trends, and analysis in the tech world.
Browse by Category
Armenian Man Extradited to US Over Ryuk Ransomware Attacks
Karen Serobovich Vardanyan pleaded not guilty to charges related to his alleged role in the Ryuk ransomware operation. The post Armenian Man Extradited to US Over Ryuk Ransomware Attacks appeared first on SecurityWeek.
Published on: July 17, 2025 | Source:
Share on Facebook
Share in Tweet (rip twitter)
Share on LinkedIn
Share on Reddit
Share on Threads
Share on Bluesky
Mobile Forensics Tool Used by Chinese Law Enforcement Dissected
Deployed on mobile devices confiscated by Chinese law enforcement, Massistant can collect user information, files, and location. The post Mobile Forensics Tool Used by Chinese Law Enforcement Dissected appeared first on SecurityWeek.
Published on: July 17, 2025 | Source:Europol Disrupts NoName057(16) Hacktivist Group Linked to DDoS Attacks Against Ukraine
An international operation coordinated by Europol has disrupted the infrastructure of a pro-Russian hacktivist group known as NoName057(16) that has been linked to a string of distributed denial-of-service (DDoS) attacks against Ukraine and its allies. The actions have led to the dismantling of a major part of the group's central server infrastructure and more than 100 systems across the world.
Published on: July 17, 2025 | Source:Security Vulnerabilities in ICEBlock
The ICEBlock tool has vulnerabilities: The developer of ICEBlock, an iOS app for anonymously reporting sightings of US Immigration and Customs Enforcement (ICE) officials, promises that it βensures user privacy by storing no personal data.β But that claim has come under scrutiny. ICEBlock creator Joshua Aaron has been accused of making false promises regarding user anonymity and privacy, being βmisguidedβ about the...
Published on: July 17, 2025 | Source:CTEM vs ASM vs Vulnerability Management: What Security Leaders Need to Know in 2025
The modern-day threat landscape requires enterprise security teams to think and act beyond traditional cybersecurity measures that are purely passive and reactive, and in most cases, ineffective against emerging threats and sophisticated threat actors. Prioritizing cybersecurity means implementing more proactive, adaptive, and actionable measures that can work together to effectively address the
Published on: July 17, 2025 | Source:Trial Opens Against Meta CEO Mark Zuckerberg and Other Leaders Over Facebook Privacy Violations
An $8 billion class action investorsβ lawsuit against Meta stemming from the 2018 privacy scandal involving the Cambridge Analytica political consulting firm. The post Trial Opens Against Meta CEO Mark Zuckerberg and Other Leaders Over Facebook Privacy Violations appeared first on SecurityWeek.
Published on: July 17, 2025 | Source:VMware Flaws That Earned Hackers $340,000 at Pwn2Own Patched
Four CVEs disclosed at the Pwn2Own Berlin 2025 hacking competition have been patched in VMware products. The post VMware Flaws That Earned Hackers $340,000 at Pwn2Own Patched appeared first on SecurityWeek.
Published on: July 17, 2025 | Source:Cisco Patches Another Critical ISE Vulnerability
Cisco has released patches for multiple vulnerabilities, including a critical flaw in Cisco ISE that leads to remote code execution (RCE). The post Cisco Patches Another Critical ISE Vulnerability appeared first on SecurityWeek.
Published on: July 17, 2025 | Source:Chinese Hackers Target Taiwan's Semiconductor Sector with Cobalt Strike, Custom Backdoors
The Taiwanese semiconductor industry has become the target of spear-phishing campaigns undertaken by three previously undocumented Chinese state-sponsored threat actors. "Targets of these campaigns ranged from organizations involved in the manufacturing, design, and testing of semiconductors and integrated circuits, wider equipment and services supply chain entities within this sector, as well
Published on: July 17, 2025 | Source:Cisco Warns of Critical ISE Flaw Allowing Unauthenticated Attackers to Execute Root Code
Cisco has disclosed a new maximum-severity security vulnerability impacting Identity Services Engine (ISE) and Cisco ISE Passive Identity Connector (ISE-PIC) that could permit an attacker to execute arbitrary code on the underlying operating system with elevated privileges. Tracked as CVE-2025-20337, the shortcoming carries a CVSS score of 10.0 and is similar to CVE-2025-20281, which was patched
Published on: July 17, 2025 | Source:Cambodia Makes 1,000 Arrests in Latest Crackdown on Cybercrime
More than 1,000 suspects were arrested in raids in at least five provinces between Monday and Wednesday, according to Information Minister Neth Pheaktra and police. The post Cambodia Makes 1,000 Arrests in Latest Crackdown on Cybercrime appeared first on SecurityWeek.
Published on: July 17, 2025 | Source:AI Driving the Adoption of Confidential Computing
After years of hanging out in the wild, confidential computing is getting closer to an AI model near you.
Published on: July 16, 2025 | Source:Oracle Fixes Critical Bug in Cloud Code Editor
The bug allowed an attacker an easy way to compromise a full suite of developer tools in Oracle Cloud Infrastructure.
Published on: July 16, 2025 | Source:ISC2 Finds Orgs Are Increasingly Leaning on AI
While many organizations are eagerly integrating AI into their workflows and cybersecurity practices, some remain undecided and even concerned about potential drawbacks of AI deployment.
Published on: July 16, 2025 | Source:House hearing will use Stuxnet to search for novel ways to confront OT cyberthreats
The House Homeland Committee will revisit the malware to use the knowledge from the spy effort to explore the domestic threats facing the U.S. in 2025. The post House hearing will use Stuxnet to search for novel ways to confront OT cyberthreats appeared first on CyberScoop.
Published on: July 16, 2025 | Source:Elite 'Matanbuchus 3.0' Loader Spruces Up Ransomware Infections
An upgraded cybercrime tool is designed to make targeted ransomware attacks as easy and effective as possible, with features like EDR-spotting and DNS-based C2 communication.
Published on: July 16, 2025 | Source:Women Who 'Hacked the Status Quo' Aim to Inspire Cybersecurity Careers
A group of female cybersecurity pioneers will share what they've learned about navigating a field dominated by men, in order to help other women empower themselves and pursue successful cybersecurity careers.
Published on: July 16, 2025 | Source:SonicWall customers hit by fresh, ongoing attacks targeting fully patched SMA 100 devices
Google Threat Intelligence Group said a financially motivated threat group is abusing the outdated remote access VPN devices, underscoring a continued pattern of threats confronting SonicWall customers. The post SonicWall customers hit by fresh, ongoing attacks targeting fully patched SMA 100 devices appeared first on CyberScoop.
Published on: July 16, 2025 | Source:Hackers Leverage Microsoft Teams to Spread Matanbuchus 3.0 Malware to Targeted Firms
Cybersecurity researchers have flagged a new variant of a known malware loader called Matanbuchus that packs in significant features to enhance its stealth and evade detection. Matanbuchus is the name given to a malware-as-a-service (MaaS) offering that can act as a conduit for next-stage payloads, including Cobalt Strike beacons and ransomware. First advertised in February 2021 on
Published on: July 16, 2025 | Source:Europol-Coordinated Global Operation Takes Down Pro-Russian Cybercrime Network
Codenamed Eastwood, the operation targeted the so-called NoName057(16) group, which was identified as being behind a series of DDoS attacks on municipalities and organizations linked to a NATO summit. The post Europol-Coordinated Global Operation Takes Down Pro-Russian Cybercrime Network appeared first on SecurityWeek.
Published on: July 16, 2025 | Source:Cognida.ai Launches Codien: An AI Agent to Modernize Legacy Test Automation and Fast-Track Test Creation
Published on: July 16, 2025 | Source:
Fully Patched SonicWall Gear Under Likely Zero-Day Attack
A threat actor with likely links to the Abyss ransomware group is leveraging an apparent zero-day vulnerability to deploy the "Overstep" backdoor on fully up-to-date appliances.
Published on: July 16, 2025 | Source:Hacking Trains
Seems like an old system system that predates any care about security: The flaw has to do with the protocol used in a train system known as the End-of-Train and Head-of-Train. A Flashing Rear End Device (FRED), also known as an End-of-Train (EOT) device, is attached to the back of a train and sends data via radio signals to a corresponding device in the locomotive called the Head-of-Train (HOT). Commands can also be...
Published on: July 16, 2025 | Source:Senate Democrats seek answers on Trump overhaul of immigrant database to find noncitizen voters
The lawmakers say the potential is high for such a system to return false positives, blocking citizens from voting. The post Senate Democrats seek answers on Trump overhaul of immigrant database to find noncitizen voters appeared first on CyberScoop.
Published on: July 16, 2025 | Source:Pro-Russian DDoS group NoName057(16) disrupted by international law enforcement operation
Over a dozen law enforcement agencies took action earlier this week, resulting in multiple arrests. The post Pro-Russian DDoS group NoName057(16) disrupted by international law enforcement operation appeared first on CyberScoop.
Published on: July 16, 2025 | Source:United Natural Foods Projects Up to $400M Sales Hit from June Cyberattack
Cyberattack disrupted UNFIβs operations in June; company estimates $50β$60 million net income hit but anticipates insurance will cover most losses. The post United Natural Foods Projects Up to $400M Sales Hit from June Cyberattack appeared first on SecurityWeek.
Published on: July 16, 2025 | Source:SonicWall SMA Appliances Targeted With New βOverstepβ Malware
A threat actor that may be financially motivated is targeting SonicWall devices with a backdoor and user-mode rootkit. The post SonicWall SMA Appliances Targeted With New βOverstepβ Malware appeared first on SecurityWeek.
Published on: July 16, 2025 | Source:Securing the Budget: Demonstrating Cybersecurity's Return
By tying security investments to measurable outcomes β like reduced breach likelihood and financial impact β CISOs can align internal stakeholders and justify spending based on real-world risk.
Published on: July 16, 2025 | Source:UNC6148 Backdoors Fully-Patched SonicWall SMA 100 Series Devices with OVERSTEP Rootkit
A threat activity cluster has been observed targeting fully-patched end-of-life SonicWall Secure Mobile Access (SMA) 100 series appliances as part of a campaign designed to drop a backdoor called OVERSTEP. The malicious activity, dating back to at least October 2024, has been attributed by the Google Threat Intelligence Group (GTIG) to a hacking crew it tracks as UNC6148. The number of known
Published on: July 16, 2025 | Source:Virtual Event Today: Cloud & Data Security Summit β Tackling Exposed Attack Surfaces in the Cloud
Virtual event brings together leading experts, practitioners, and innovators for a full day of insightful discussions and tactical guidance on evolving threats and real-world defense strategies in cloud security. The post Virtual Event Today: Cloud & Data Security Summit β Tackling Exposed Attack Surfaces in the Cloud appeared first on SecurityWeek.
Published on: July 16, 2025 | Source:Compumedics Ransomware Attack Led to Data Breach Impacting 318,000
Compumedics has been targeted by the VanHelsing ransomware group, which stole files from the companyβs systems. The post Compumedics Ransomware Attack Led to Data Breach Impacting 318,000 appeared first on SecurityWeek.
Published on: July 16, 2025 | Source:Cyber Intelligence Firm iCOUNTER Emerges From Stealth With $30 Million in Funding
iCOUNTER, which helps organizations defend against targeted attacks, has launched under the helm of former Mandiant president and COO John Watters. The post Cyber Intelligence Firm iCOUNTER Emerges From Stealth With $30 Million in Funding appeared first on SecurityWeek.
Published on: July 16, 2025 | Source:Critical Golden dMSA Attack in Windows Server 2025 Enables Cross-Domain Attacks and Persistent Access
Cybersecurity researchers have disclosed what they say is a "critical design flaw" in delegated Managed Service Accounts (dMSAs) introduced in Windows Server 2025. "The flaw can result in high-impact attacks, enabling cross-domain lateral movement and persistent access to all managed service accounts and their resources across Active Directory indefinitely," Semperis said in a report shared with
Published on: July 16, 2025 | Source:Google Says AI Agent Thwarted Exploitation of Critical VulnerabilityΒ
Google refused to share any details on how its Big Sleep AI foiled efforts to exploit a SQLite vulnerability in the wild. The post Google Says AI Agent Thwarted Exploitation of Critical Vulnerability appeared first on SecurityWeek.
Published on: July 16, 2025 | Source:AI Agents Act Like Employees With Root AccessβHere's How to Regain Control
The AI gold rush is on. But without identity-first security, every deployment becomes an open door. Most organizations secure native AI like a web app, but it behaves more like a junior employee with root access and no manager. From Hype to High Stakes Generative AI has moved beyond the hype cycle. Enterprises are: Deploying LLM copilots to accelerate software development Automating customer
Published on: July 16, 2025 | Source: