Stay Updated with the Latest Tech News
Get ahead of the curve with the latest insights, trends, and analysis in the tech world.
Browse by Category
Cityworks Zero-Day Exploited by Chinese Hackers in US Local Government Attacks
A Chinese threat actor exploited a zero-day vulnerability in Trimble Cityworks to hack local government entities in the US. The post Cityworks Zero-Day Exploited by Chinese Hackers in US Local Government Attacks appeared first on SecurityWeek.
Published on: May 23, 2025 | Source:
Share on Facebook
Share in Tweet (rip twitter)
Share on LinkedIn
Share on Reddit
Share on Threads
Share on Bluesky
Chinese Spies Exploit Ivanti Vulnerabilities Against Critical Sectors
A Chinese espionage group has been chaining two recent Ivanti EPMM vulnerabilities in attacks against organizations in multiple critical sectors. The post Chinese Spies Exploit Ivanti Vulnerabilities Against Critical Sectors appeared first on SecurityWeek.
Published on: May 23, 2025 | Source:U.S. Dismantles DanaBot Malware Network, Charges 16 in $50M Global Cybercrime Operation
The U.S. Department of Justice (DoJ) on Thursday announced the disruption of the online infrastructure associated with DanaBot (aka DanaTools) and unsealed charges against 16 individuals for their alleged involvement in the development and deployment of the malware, which it said was controlled by a Russia-based cybercrime organization. The malware, the DoJ said, infected more than 300,000
Published on: May 23, 2025 | Source:GitLab Duo Vulnerability Enabled Attackers to Hijack AI Responses with Hidden Prompts
Cybersecurity researchers have discovered an indirect prompt injection flaw in GitLab's artificial intelligence (AI) assistant Duo that could have allowed attackers to steal source code and inject untrusted HTML into its responses, which could then be used to direct victims to malicious websites. GitLab Duo is an artificial intelligence (AI)-powered coding assistant that enables users to write,
Published on: May 23, 2025 | Source:DanaBot malware operation seized in global takedown
The successful break-up of DanaBot marks the second high-profile law enforcement disruption of a widespread malware operation in as many days. The post DanaBot malware operation seized in global takedown appeared first on CyberScoop.
Published on: May 22, 2025 | Source:Oops: DanaBot Malware Devs Infected Their Own PCs
The U.S. government today unsealed criminal charges against 16 individuals accused of operating and selling DanaBot, a prolific strain of information-stealing malware that has been sold on Russian cybercrime forums since 2018. The FBI says a newer version of DanaBot was used for espionage, and that many of the defendants exposed their real-life identities after accidentally infecting their own systems with the malware....
Published on: May 22, 2025 | Source:Picus Launches Exposure Validation to Safely Deprioritize CVEs
Published on: May 22, 2025 | Source:
Following Data Breach, Multiple Stalkerware Apps Go Offline
The same easily exploitable vulnerability was found in three of the apps that led to the compromise of victims' data.
Published on: May 22, 2025 | Source:Russian Threat Actor TAG-110 Goes Phishing in Tajikistan
While Ukraine remains Russia's major target for cyberattacks, TAG-110 is part of a strategy to preserve "a post-Soviet sphere of influence" by embedding itself in other countries' infrastructures.
Published on: May 22, 2025 | Source:Danabot: Analyzing a fallen empire
ESET Research shares its findings on the workings of Danabot, an infostealer recently disrupted in a multinational law enforcement operation
Published on: May 22, 2025 | Source:3am Ransomware Adopts Email Bombing, Vishing Combo Attack
The emerging threat group is the latest to adopt the combo attack tactic, which Black Basta and other groups already are using to gain initial access for ransomware deployment.
Published on: May 22, 2025 | Source:3AM Ransomware Adopts Email Bombing, Vishing Combo Attack
The emerging threat group is the latest to adopt the combo attack tactic, which Black Basta and other groups already are using to gain initial access for ransomware deployment.
Published on: May 22, 2025 | Source:UK Retail Cyberattacks May Drive Up US Insurance Premiums
Insurance experts weigh in on how the recent barrage of attacks against UK retailers could affect premium rates and policy requirements, as well as how to work toward improving risk assessment.
Published on: May 22, 2025 | Source:CISA: Russia's Fancy Bear Targeting Logistics, IT Firms
The mission is to gather information that could help Russia in its war against Ukraine.
Published on: May 22, 2025 | Source:Akamai, Microsoft Disagree on Severity of Unpatched βBadSuccessorβ Flaw
Akamai documents a privilege escalation flaw in Windows Server 2025 after Redmond declines to ship an immediate patch. The post Akamai, Microsoft Disagree on Severity of Unpatched βBadSuccessorβ Flaw appeared first on SecurityWeek.
Published on: May 22, 2025 | Source:Blurring Lines Between Scattered Spider & Russian Cybercrime
The loosely affiliated hacking group has shifted closer to ransomware gangs, raising questions about Scattered Spider's ties to the Russian cybercrime underground.
Published on: May 22, 2025 | Source:Chinese Hackers Exploit Trimble Cityworks Flaw to Infiltrate U.S. Government Networks
A Chinese-speaking threat actor tracked as UAT-6382 has been linked to the exploitation of a now-patched remote-code-execution vulnerability in Trimble Cityworks to deliver Cobalt Strike and VShell. "UAT-6382 successfully exploited CVE-2025-0944, conducted reconnaissance, and rapidly deployed a variety of web shells and custom-made malware to maintain long-term access," Cisco Talos researchers
Published on: May 22, 2025 | Source:Senators revive bill to harmonize conflicting cybersecurity regulations
The legislation Sens. Gary Peters and James Lankford would create an executive branch panel to align federal cyber rules. The post Senators revive bill to harmonize conflicting cybersecurity regulations appeared first on CyberScoop.
Published on: May 22, 2025 | Source:Lumma Stealer: Down for the count
The bustling cybercrime enterprise has been dealt a significant blow in a global operation that relied on the expertise of ESET and other technology companies
Published on: May 22, 2025 | Source:Security Threats of Open Source AI Exposed by DeepSeek
DeepSeek's risks must be carefully considered, and ultimately mitigated, in order to enjoy the many benefits of generative AI in a manner that is safe and secure for all organizations and users.
Published on: May 22, 2025 | Source:Keeping LLMs on the Rails Poses Design, Engineering Challenges
Despite adding alignment training, guardrails, and filters, large language models continue to give up secrets, make unfiltered statements, and provide dangerous information.
Published on: May 22, 2025 | Source:Critical Windows Server 2025 dMSA Vulnerability Enables Active Directory Compromise
A privilege escalation flaw has been demonstrated in Windows Server 2025 that makes it possible for attackers to compromise any user in Active Directory (AD). "The attack exploits the delegated Managed Service Account (dMSA) feature that was introduced in Windows Server 2025, works with the default configuration, and is trivial to implement," Akamai security researcher Yuval Gordon said in a
Published on: May 22, 2025 | Source:Chinese Hackers Exploit Ivanti EPMM Bugs in Global Enterprise Network Attacks
A recently patched pair of security flaws affecting Ivanti Endpoint Manager Mobile (EPMM) software has been exploited by a China-nexus threat actor to target a wide range of sectors across Europe, North America, and the Asia-Pacific region. The vulnerabilities, tracked as CVE-2025-4427 (CVSS score: 5.3) and CVE-2025-4428 (CVSS score: 7.2), could be chained to execute arbitrary code on a
Published on: May 22, 2025 | Source:Marlboro-Chesterfield Pathology Data Breach Impacts 235,000 People
Marlboro-Chesterfield Pathology has been targeted by the SafePay ransomware group, which stole personal information from its systems. The post Marlboro-Chesterfield Pathology Data Breach Impacts 235,000 People appeared first on SecurityWeek.
Published on: May 22, 2025 | Source:Webinar: Learn How to Build a Reasonable and Legally Defensible Cybersecurity Program
Itβs not enough to be secure. In todayβs legal climate, you need to prove it. Whether youβre protecting a small company or managing compliance across a global enterprise, one thing is clear: cybersecurity can no longer be left to guesswork, vague frameworks, or best-effort intentions. Regulators and courts are now holding organizations accountable for how βreasonableβ their security programs are
Published on: May 22, 2025 | Source:Identity Security Has an Automation ProblemβAnd It's Bigger Than You Think
For many organizations, identity security appears to be under control. On paper, everything checks out. But new research from Cerby, based on insights from over 500 IT and security leaders, reveals a different reality: too much still depends on peopleβnot systemsβto function. In fact, fewer than 4% of security teams have fully automated their core identity workflows. Core workflows, like
Published on: May 22, 2025 | Source:The Voter Experience
Technology and innovation have transformed every part of society, including our electoral experiences. Campaigns are spending and doing more than at any other time in history. Ever-growing war chests fuel billions of voter contacts every cycle. Campaigns now have better ways of scaling outreach methods and offer volunteers and donors more efficient ways to contribute time and money. Campaign staff have adapted to vast...
Published on: May 22, 2025 | Source:Critical Versa Concerto Flaws Let Attackers Escape Docker and Compromise Hosts
Cybersecurity researchers have uncovered multiple critical security vulnerabilities impacting the Versa Concerto network security and SD-WAN orchestration platform that could be exploited to take control of susceptible instances. It's worth noting that the identified shortcomings remain unpatched despite responsible disclosure on February 13, 2025, prompting a public release of the issues
Published on: May 22, 2025 | Source:Unpatched Versa Concerto Flaws Let Attackers Escape Docker and Compromise Host
Cybersecurity researchers have uncovered multiple critical security vulnerabilities impacting the Versa Concerto network security and SD-WAN orchestration platform that could be exploited to take control of susceptible instances. It's worth noting that the identified shortcomings remain unpatched despite responsible disclosure on February 13, 2025, prompting a public release of the issues
Published on: May 22, 2025 | Source:Security Theater or Real Defense? The KPIs That Tell the Truth
In the end, cybersecurity isnβt just about collecting data. Itβs about proving that your defenses actually work. The post Security Theater or Real Defense? The KPIs That Tell the Truth appeared first on SecurityWeek.
Published on: May 22, 2025 | Source:Taming the Hacker Storm: Why Millions in Cybersecurity Spending Isnβt Enough
Despite massive investment, the explosion of sophisticated malware and deepfake attacks persists because organizations struggle to verify digital identities and establish fundamental trust. The post Taming the Hacker Storm: Why Millions in Cybersecurity Spending Isnβt Enough appeared first on SecurityWeek.
Published on: May 22, 2025 | Source:GitLab's AI Assistant Opened Devs to Code Theft
Prompt injection risks in GitLab's AI assistant could have allowed attackers to steal source code, or indirectly deliver developers malware, dirty links, and more.
Published on: May 22, 2025 | Source:Cisco Patches High-Severity DoS, Privilege Escalation Vulnerabilities
Cisco published 10 security advisories detailing over a dozen vulnerabilities, including two high-severity flaws in its Identity Services Engine (ISE) and Unified Intelligence Center. The post Cisco Patches High-Severity DoS, Privilege Escalation Vulnerabilities appeared first on SecurityWeek.
Published on: May 22, 2025 | Source:FBI and Europol Disrupt Lumma Stealer Malware Network Linked to 10 Million Infections
A sprawling operation undertaken by global law enforcement agencies and a consortium of private sector firms has disrupted the online infrastructure associated with a commodity information stealer known as Lumma (aka LummaC or LummaC2), seizing 2,300 domains that acted as the command-and-control (C2) backbone to commandeer infected Windows systems. "Malware like LummaC2 is deployed to steal
Published on: May 22, 2025 | Source:SideWinder APT Caught Spying on India's Neighbor Gov'ts
A recent spear-phishing campaign against countries in South Asia aligns with broader political tensions in the region.
Published on: May 22, 2025 | Source: