Stay Updated with the Latest Tech News
Get ahead of the curve with the latest insights, trends, and analysis in the tech world.
Browse by Category
Popular Topics
#General #Development #Mobile Development #Cloud & DevOps #Cybersecurity & Privacy #AI & Data Science #Hardware & Gadgets #Design & UXUnited Natural Foods loses up to $400M in sales after cyberattack
The food distributor and wholesaler completely shut down its systems upon discovering the attack last month, yet core systems were restored and normal operating capacity returned within three weeks. The post United Natural Foods loses up to $400M in sales after cyberattack appeared first on CyberScoop.
Share on Facebook
Share in Tweet (rip twitter)
Share on LinkedIn
Share on Reddit
Share on Threads
Share on Bluesky
Cisco Discloses '10' Flaw in ISE, ISE-PIC — Patch Now
Cisco just disclosed a critical severity flaw in its ISE and ISE-PIC products, joining two similar bugs disclosed last month.
Printer Security Gaps: A Broad, Leafy Avenue to Compromise
Security teams aren't patching firmware promptly, no one's vetting the endpoints before purchase, and visibility into potential dangers is limited — despite more and more cyberattackers targeting printers as a matter of course.
Armenian Extradited to US Over Ryuk Ransomware
The suspect faces three charges for his alleged crimes that could earn him up to five years in federal prison, and a heap of fines.
Hackers Use GitHub Repositories to Host Amadey Malware and Data Stealers, Bypassing Filters
Threat actors are leveraging public GitHub repositories to host malicious payloads and distribute them via Amadey as part of a campaign observed in April 2025. "The MaaS [malware-as-a-service] operators used fake GitHub accounts to host payloads, tools, and Amadey plug-ins, likely as an attempt to bypass web filtering and for ease of use," Cisco Talos researchers Chris Neal and Craig Jackson
Watch on Demand: Cloud & Data Security Summit – Tackling Exposed Attack Surfaces in the Cloud
Virtual event brings together leading experts, practitioners, and innovators for a full day of insightful discussions and tactical guidance on evolving threats and real-world defense strategies in cloud security. The post Watch on Demand: Cloud & Data Security Summit – Tackling Exposed Attack Surfaces in the Cloud appeared first on SecurityWeek.
Hackers Exploit Apache HTTP Server Flaw to Deploy Linuxsys Cryptocurrency Miner
Cybersecurity researchers have discovered a new campaign that exploits a known security flaw impacting Apache HTTP Server to deliver a cryptocurrency miner called Linuxsys. The vulnerability in question is CVE-2021-41773 (CVSS score: 7.5), a high-severity path traversal vulnerability in Apache HTTP Server version 2.4.49 that could result in remote code execution. "The attacker leverages
Why Cybersecurity Still Matters for America's Schools
Cyberattacks on educational institutions are growing. But with budget constraints and funding shortfalls, leadership teams are questioning whether — and how — they can keep their institutions safe.
Empirical Security Raises $12 Million for AI-Driven Vulnerability Management
Cybersecurity startup Empirical Security has raised $12 million in seed funding for its vulnerability management platform. The post Empirical Security Raises $12 Million for AI-Driven Vulnerability Management appeared first on SecurityWeek.
China-Backed Salt Typhoon Hacks US National Guard for Nearly a Year
Between March and December of last year, infamous Chinese state-sponsored APT Salt Typhoon gained access to sensitive US National Guard data.
Armenian Man Extradited to US Over Ryuk Ransomware Attacks
Karen Serobovich Vardanyan pleaded not guilty to charges related to his alleged role in the Ryuk ransomware operation. The post Armenian Man Extradited to US Over Ryuk Ransomware Attacks appeared first on SecurityWeek.
Mobile Forensics Tool Used by Chinese Law Enforcement Dissected
Deployed on mobile devices confiscated by Chinese law enforcement, Massistant can collect user information, files, and location. The post Mobile Forensics Tool Used by Chinese Law Enforcement Dissected appeared first on SecurityWeek.
Europol Disrupts NoName057(16) Hacktivist Group Linked to DDoS Attacks Against Ukraine
An international operation coordinated by Europol has disrupted the infrastructure of a pro-Russian hacktivist group known as NoName057(16) that has been linked to a string of distributed denial-of-service (DDoS) attacks against Ukraine and its allies. The actions have led to the dismantling of a major part of the group's central server infrastructure and more than 100 systems across the world.
Security Vulnerabilities in ICEBlock
The ICEBlock tool has vulnerabilities: The developer of ICEBlock, an iOS app for anonymously reporting sightings of US Immigration and Customs Enforcement (ICE) officials, promises that it “ensures user privacy by storing no personal data.” But that claim has come under scrutiny. ICEBlock creator Joshua Aaron has been accused of making false promises regarding user anonymity and privacy, being “misguided” about the...
CTEM vs ASM vs Vulnerability Management: What Security Leaders Need to Know in 2025
The modern-day threat landscape requires enterprise security teams to think and act beyond traditional cybersecurity measures that are purely passive and reactive, and in most cases, ineffective against emerging threats and sophisticated threat actors. Prioritizing cybersecurity means implementing more proactive, adaptive, and actionable measures that can work together to effectively address the
Trial Opens Against Meta CEO Mark Zuckerberg and Other Leaders Over Facebook Privacy Violations
An $8 billion class action investors’ lawsuit against Meta stemming from the 2018 privacy scandal involving the Cambridge Analytica political consulting firm. The post Trial Opens Against Meta CEO Mark Zuckerberg and Other Leaders Over Facebook Privacy Violations appeared first on SecurityWeek.
VMware Flaws That Earned Hackers $340,000 at Pwn2Own Patched
Four CVEs disclosed at the Pwn2Own Berlin 2025 hacking competition have been patched in VMware products. The post VMware Flaws That Earned Hackers $340,000 at Pwn2Own Patched appeared first on SecurityWeek.
Cisco Patches Another Critical ISE Vulnerability
Cisco has released patches for multiple vulnerabilities, including a critical flaw in Cisco ISE that leads to remote code execution (RCE). The post Cisco Patches Another Critical ISE Vulnerability appeared first on SecurityWeek.
Chinese Hackers Target Taiwan's Semiconductor Sector with Cobalt Strike, Custom Backdoors
The Taiwanese semiconductor industry has become the target of spear-phishing campaigns undertaken by three previously undocumented Chinese state-sponsored threat actors. "Targets of these campaigns ranged from organizations involved in the manufacturing, design, and testing of semiconductors and integrated circuits, wider equipment and services supply chain entities within this sector, as well
Cisco Warns of Critical ISE Flaw Allowing Unauthenticated Attackers to Execute Root Code
Cisco has disclosed a new maximum-severity security vulnerability impacting Identity Services Engine (ISE) and Cisco ISE Passive Identity Connector (ISE-PIC) that could permit an attacker to execute arbitrary code on the underlying operating system with elevated privileges. Tracked as CVE-2025-20337, the shortcoming carries a CVSS score of 10.0 and is similar to CVE-2025-20281, which was patched
Cambodia Makes 1,000 Arrests in Latest Crackdown on Cybercrime
More than 1,000 suspects were arrested in raids in at least five provinces between Monday and Wednesday, according to Information Minister Neth Pheaktra and police. The post Cambodia Makes 1,000 Arrests in Latest Crackdown on Cybercrime appeared first on SecurityWeek.
AI Driving the Adoption of Confidential Computing
After years of hanging out in the wild, confidential computing is getting closer to an AI model near you.
Oracle Fixes Critical Bug in Cloud Code Editor
The bug allowed an attacker an easy way to compromise a full suite of developer tools in Oracle Cloud Infrastructure.
ISC2 Finds Orgs Are Increasingly Leaning on AI
While many organizations are eagerly integrating AI into their workflows and cybersecurity practices, some remain undecided and even concerned about potential drawbacks of AI deployment.
House hearing will use Stuxnet to search for novel ways to confront OT cyberthreats
The House Homeland Committee will revisit the malware to use the knowledge from the spy effort to explore the domestic threats facing the U.S. in 2025. The post House hearing will use Stuxnet to search for novel ways to confront OT cyberthreats appeared first on CyberScoop.
Elite 'Matanbuchus 3.0' Loader Spruces Up Ransomware Infections
An upgraded cybercrime tool is designed to make targeted ransomware attacks as easy and effective as possible, with features like EDR-spotting and DNS-based C2 communication.
Women Who 'Hacked the Status Quo' Aim to Inspire Cybersecurity Careers
A group of female cybersecurity pioneers will share what they've learned about navigating a field dominated by men, in order to help other women empower themselves and pursue successful cybersecurity careers.
SonicWall customers hit by fresh, ongoing attacks targeting fully patched SMA 100 devices
Google Threat Intelligence Group said a financially motivated threat group is abusing the outdated remote access VPN devices, underscoring a continued pattern of threats confronting SonicWall customers. The post SonicWall customers hit by fresh, ongoing attacks targeting fully patched SMA 100 devices appeared first on CyberScoop.
Hackers Leverage Microsoft Teams to Spread Matanbuchus 3.0 Malware to Targeted Firms
Cybersecurity researchers have flagged a new variant of a known malware loader called Matanbuchus that packs in significant features to enhance its stealth and evade detection. Matanbuchus is the name given to a malware-as-a-service (MaaS) offering that can act as a conduit for next-stage payloads, including Cobalt Strike beacons and ransomware. First advertised in February 2021 on
Europol-Coordinated Global Operation Takes Down Pro-Russian Cybercrime Network
Codenamed Eastwood, the operation targeted the so-called NoName057(16) group, which was identified as being behind a series of DDoS attacks on municipalities and organizations linked to a NATO summit. The post Europol-Coordinated Global Operation Takes Down Pro-Russian Cybercrime Network appeared first on SecurityWeek.
Cognida.ai Launches Codien: An AI Agent to Modernize Legacy Test Automation and Fast-Track Test Creation
Fully Patched SonicWall Gear Under Likely Zero-Day Attack
A threat actor with likely links to the Abyss ransomware group is leveraging an apparent zero-day vulnerability to deploy the "Overstep" backdoor on fully up-to-date appliances.
Hacking Trains
Seems like an old system system that predates any care about security: The flaw has to do with the protocol used in a train system known as the End-of-Train and Head-of-Train. A Flashing Rear End Device (FRED), also known as an End-of-Train (EOT) device, is attached to the back of a train and sends data via radio signals to a corresponding device in the locomotive called the Head-of-Train (HOT). Commands can also be...
Senate Democrats seek answers on Trump overhaul of immigrant database to find noncitizen voters
The lawmakers say the potential is high for such a system to return false positives, blocking citizens from voting. The post Senate Democrats seek answers on Trump overhaul of immigrant database to find noncitizen voters appeared first on CyberScoop.
Pro-Russian DDoS group NoName057(16) disrupted by international law enforcement operation
Over a dozen law enforcement agencies took action earlier this week, resulting in multiple arrests. The post Pro-Russian DDoS group NoName057(16) disrupted by international law enforcement operation appeared first on CyberScoop.