Stay Updated with the Latest Tech News
Get ahead of the curve with the latest insights, trends, and analysis in the tech world.
Browse by Category
German Authorities Take Down Crypto Swapping Service eXch
German authorities seized the servers of crypto-swapping service eXch for laundering approximately $1.9 billion in fraudulent assets. The post German Authorities Take Down Crypto Swapping Service eXch appeared first on SecurityWeek.
Published on: May 12, 2025 | Source:
Share on Facebook
Share in Tweet (rip twitter)
Share on LinkedIn
Share on Reddit
Share on Threads
Share on Bluesky
How can we counter online disinformation? | Unlocked 403 cybersecurity podcast (S2E2)
Ever wondered why a lie can spread faster than the truth? Tune in for an insightful look at disinformation and how we can fight one of the most pressing challenges facing our digital world.
Published on: May 12, 2025 | Source:Fake AI Tools Used to Spread Noodlophile Malware, Targeting 62,000+ via Facebook Lures
Threat actors have been observed leveraging fake artificial intelligence (AI)-powered tools as a lure to entice users into downloading an information stealer malware dubbed Noodlophile. "Instead of relying on traditional phishing or cracked software sites, they build convincing AI-themed platforms โ often advertised via legitimate-looking Facebook groups and viral social media campaigns,"
Published on: May 12, 2025 | Source:Google Pays $1.375 Billion to Texas Over Unauthorized Tracking and Biometric Data Collection
Google has agreed to pay the U.S. state of Texas nearly $1.4 billion to settle two lawsuits that accused the company of tracking users' personal location and maintaining their facial recognition data without consent. The $1.375 billion payment dwarfs the fines the tech giant has paid to settle similar lawsuits brought by other U.S. states. In November 2022, it paid $391 million to a group of 40
Published on: May 10, 2025 | Source:Germany Shuts Down eXch Over $1.9B Laundering, Seizes โฌ34M in Crypto and 8TB of Data
Germany's Federal Criminal Police Office (aka Bundeskriminalamt or BKA) has seized the online infrastructure and shutdown linked to the eXch cryptocurrency exchange over allegations of money laundering and operating a criminal trading platform. The operation was carried out on April 30, 2025, authorities said, adding they also confiscated 8 terabytes worth of data and cryptocurrency assets
Published on: May 10, 2025 | Source:SonicWall customers confront resurgence of actively exploited vulnerabilities
The network security device vendor is making a regular appearance on CISAโs known exploited vulnerabilities catalog. Unlike its competitors, SonicWall hasnโt signed the secure-by-design pledge. The post SonicWall customers confront resurgence of actively exploited vulnerabilities appeared first on CyberScoop.
Published on: May 09, 2025 | Source:Friday Squid Blogging: Japanese Divers Video Giant Squid
The video is really amazing. As usual, you can also use this squid post to talk about the security stories in the news that I havenโt covered.
Published on: May 09, 2025 | Source:Rapid7 Launches Managed Detection & Response (MDR) for Enterprise
Published on: May 09, 2025 | Source:
After Pahalgam Attack, Hacktivists Unite Under #OpIndia
Cybercriminals are flocking to take part in the newly inflamed fight between India and Pakistan.
Published on: May 09, 2025 | Source:New UK Security Guidelines Aim to Reshape Software Development
The voluntary Software Security Code of Practice is the latest initiative to come out of the United Kingdom to boost best practices in application security and software development.
Published on: May 09, 2025 | Source:LockBit Ransomware Gang Hacked, Operations Data Leaked
Exposed data from LockBit's affiliate panel includes Bitcoin addresses, private chats with victim organizations, and user information such as credentials.
Published on: May 09, 2025 | Source:Senators move to quash the use of Chinese AI system by federal contractorsย
Sens. Cassidy and Rosen cite the possibility that the use of DeepSeek to carry out contract work may put sensitive federal data in the hands of the Chinese government. The post Senators move to quash the use of Chinese AI system by federal contractors appeared first on CyberScoop.
Published on: May 09, 2025 | Source:Cyber Then & Now: Inside a 2-Decade Industry Evolution
On Dark Reading's 19-year anniversary, Editor-in-Chief Kelly Jackson Higgins stops by Informa TechTarget's RSAC 2025 Broadcast Alley studio to discuss how things have changed since the early days of breaking Windows and browsers, lingering challenges, and what's next beyond AI.
Published on: May 09, 2025 | Source:Commvault: Vulnerability Patch Works as Intended
The security researcher who questioned the effectiveness of a patch for recently disclosed bug in Commvault Command Center did not test patched version, the company says.
Published on: May 09, 2025 | Source:Insight Partners Data Breach: Bigger Impact Than Anticipated
The investigation is ongoing, but the VC giant intends to inform affected customers on a rolling basis as more of the breach details come to light.
Published on: May 09, 2025 | Source:BREAKING: 7,000-Device Proxy Botnet Using IoT, EoL Systems Dismantled in U.S. - Dutch Operation
A joint law enforcement operation undertaken by Dutch and U.S. authorities has dismantled a criminal proxy network that's powered by thousands of infected Internet of Things (IoT) and end-of-life (EoL) devices, enlisting them into a botnet for providing anonymity to malicious actors. In conjunction with the domain seizure, Russian nationals, Alexey Viktorovich Chertkov, 37, Kirill Vladimirovich
Published on: May 09, 2025 | Source:OtterCookie v4 Adds VM Detection and Chrome, MetaMask Credential Theft Capabilities
The North Korean threat actors behind the Contagious Interview campaign have been observed using updated versions of a cross-platform malware called OtterCookie with capabilities to steal credentials from web browsers and other files. NTT Security Holdings, which detailed the new findings, said the attackers have "actively and continuously" updated the malware, introducing versions v3 and v4 in
Published on: May 09, 2025 | Source:In Other News: India-Pakistan Cyberattacks, Radware Vulnerabilities, xAI Leak
Noteworthy stories that might have slipped under the radar: surge in cyberattacks between India and Pakistan, Radware cloud WAF vulnerabilities, xAI key leak. The post In Other News: India-Pakistan Cyberattacks, Radware Vulnerabilities, xAI Leak appeared first on SecurityWeek.
Published on: May 09, 2025 | Source:Popular Scraping Toolโs NPM Package Compromised in Supply Chain Attack
Supply chain attack compromises the popular rand-user-agent NPM package to deploy and activate a backdoor. The post Popular Scraping Toolโs NPM Package Compromised in Supply Chain Attack appeared first on SecurityWeek.
Published on: May 09, 2025 | Source:How Security Has Changed the Hacker Marketplace
Your ultimate goal shouldn't be security perfection โ it should be making exploitation of your organization unprofitable.
Published on: May 09, 2025 | Source:160,000 Impacted by Valsoft Data Breach
VMS firm Valsoft Corporation says the personal information of over 160,000 people was compromised in a February 2025 data breach. The post 160,000 Impacted by Valsoft Data Breach appeared first on SecurityWeek.
Published on: May 09, 2025 | Source:Malicious NPM Packages Target Cursor AIโs macOS Users
Three NPM packages posing as developer tools for Cursor AI code editorโs macOS version contain a backdoor. The post Malicious NPM Packages Target Cursor AIโs macOS Users appeared first on SecurityWeek.
Published on: May 09, 2025 | Source:Initial Access Brokers Target Brazil Execs via NF-e Spam and Legit RMM Trials
Cybersecurity researchers are warning of a new campaign that's targeting Portuguese-speaking users in Brazil with trial versions of commercial remote monitoring and management (RMM) software since January 2025. "The spam message uses the Brazilian electronic invoice system, NF-e, as a lure to entice users into clicking hyperlinks and accessing malicious content hosted in Dropbox," Cisco Talos
Published on: May 09, 2025 | Source:Deploying AI Agents? Learn to Secure Them Before Hackers Strike Your Business
AI agents are changing the way businesses work. They can answer questions, automate tasks, and create better user experiences. But with this power comes new risks โ like data leaks, identity theft, and malicious misuse. If your company is exploring or already using AI agents, you need to ask:Are they secure? AI agents work with sensitive data and make real-time decisions. If theyโre not
Published on: May 09, 2025 | Source:Malicious npm Packages Infect 3,200+ Cursor Users With Backdoor, Steal Credentials
Cybersecurity researchers have flagged three malicious npm packages that are designed to target the Apple macOS version of Cursor, a popular artificial intelligence (AI)-powered source code editor. "Disguised as developer tools offering 'the cheapest Cursor API,' these packages steal user credentials, fetch an encrypted payload from threat actor-controlled infrastructure, overwrite Cursor's
Published on: May 09, 2025 | Source:Beyond Vulnerability Management โ Can You CVE What I CVE?
The Vulnerability Treadmill The reactive nature of vulnerability management, combined with delays from policy and process, strains security teams. Capacity is limited and patching everything immediately is a struggle. Our Vulnerability Operation Center (VOC) dataset analysis identified 1,337,797 unique findings (security issues) across 68,500 unique customer assets. 32,585 of them were distinct
Published on: May 09, 2025 | Source:SAP Zero-Day Targeted Since January, Many Sectors Impactedย
Hundreds of SAP NetWeaver instances hacked via a zero-day that allows remote code execution, not only arbitrary file uploads, as initially believed. The post SAP Zero-Day Targeted Since January, Many Sectors Impacted appeared first on SecurityWeek.
Published on: May 09, 2025 | Source:Company and Personal Data Compromised in Recent Insight Partners Hackย
VC firm Insight Partners is informing partners and employees that their information was exposed in the January 2025 cyberattack. The post Company and Personal Data Compromised in Recent Insight Partners Hack appeared first on SecurityWeek.
Published on: May 09, 2025 | Source:Catching a phish with many faces
Hereโs a brief dive into the murky waters of shape-shifting attacks that leverage dedicated phishing kits to auto-generate customized login pages on the fly
Published on: May 09, 2025 | Source:LockBit Ransomware Admin Panel Hacked, Leaks Reveal Inside Details
Private messages, Bitcoin addresses, victim data, and attacker information were leaked after someone hacked a LockBit admin panel. The post LockBit Ransomware Admin Panel Hacked, Leaks Reveal Inside Details appeared first on SecurityWeek.
Published on: May 09, 2025 | Source:Google Rolls Out On-Device AI Protections to Detect Scams in Chrome and Android
Google on Thursday announced it's rolling out new artificial intelligence (AI)-powered countermeasures to combat scams across Chrome, Search, and Android. The tech giant said it will begin using Gemini Nano, its on-device large language model (LLM), to improve Safe Browsing in Chrome 137 on desktops. "The on-device approach provides instant insight on risky websites and allows us to offer
Published on: May 09, 2025 | Source:Chinese Hackers Exploit SAP RCE Flaw CVE-2025-31324, Deploy Golang-Based SuperShell
A China-linked unnamed threat actor dubbed Chaya_004 has been observed exploiting a recently disclosed security flaw in SAP NetWeaver. Forescout Vedere Labs, in a report published Thursday, said it uncovered a malicious infrastructure likely associated with the hacking group weaponizing CVE-2025-31324 (CVSS score: 10.0) since April 29, 2025. CVE-2025-31324 refers to a critical SAP NetWeaver flaw
Published on: May 09, 2025 | Source:Sen. Murphy: Trump administration has โillegally gutted funding for cybersecurityโ
Heโs the latest Democrat who sits on an appropriations panel to sharply criticize CISA personnel reductions and proposed funding cuts. The post Sen. Murphy: Trump administration has โillegally gutted funding for cybersecurityโ appeared first on CyberScoop.
Published on: May 08, 2025 | Source:SonicWall Issues Patch for Exploit Chain in SMA Devices
Three vulnerabilities in SMA 100 gateways could facilitate root RCE attacks, and one of the vulnerabilities has already been exploited in the wild.
Published on: May 08, 2025 | Source:Email-Based Attacks Top Cyber-Insurance Claims
Cyber-insurance carrier Coalition said business email compromise and funds transfer fraud accounted for 60% of claims in 2024.
Published on: May 08, 2025 | Source: