Stay Updated with the Latest Tech News
Get ahead of the curve with the latest insights, trends, and analysis in the tech world.
Browse by Category
Cynomi Raises $37 Million Series B to Expand Its vCISO Platform
Cynomi announced a new $37 million Series B funding to grow its AI-powered vCISO platform for MSPs and MSSPs. The post Cynomi Raises $37 Million Series B to Expand Its vCISO Platform appeared first on SecurityWeek.
Published on: April 26, 2025 | Source:
Share on Facebook
Share in Tweet (rip twitter)
Share on LinkedIn
Share on Reddit
Share on Threads
Share on Bluesky
ToyMaker Uses LAGTOY to Sell Access to CACTUS Ransomware Gangs for Double Extortion
Cybersecurity researchers have detailed the activities of an initial access broker (IAB) dubbed ToyMaker that has been observed handing over access to double extortion ransomware gangs like CACTUS. The IAB has been assessed with medium confidence to be a financially motivated threat actor, scanning for vulnerable systems and deploying a custom malware called LAGTOY (aka HOLERUN). "LAGTOY can be
Published on: April 26, 2025 | Source:Browser Security Firm SquareX Raises $20 Million
SquareX offers what it has dubbed a βBrowser Detection and Response (BDR)β solution. The post Browser Security Firm SquareX Raises $20 Million appeared first on SecurityWeek.
Published on: April 25, 2025 | Source:Friday Squid Blogging: Squid Facts on Your Phone
Text βSQUIDβ to 1-833-SCI-TEXT for daily squid facts. The website has merch. As usual, you can also use this squid post to talk about the security stories in the news that I havenβt covered.
Published on: April 25, 2025 | Source:House bill seeks better tech to combat financial fraud scams against elderly
The legislation calls on federal law enforcement to help state, local and tribal agencies with blockchain and other investigative tools to fight pig butchering and other schemes. The post House bill seeks better tech to combat financial fraud scams against elderly appeared first on CyberScoop.
Published on: April 25, 2025 | Source:Mobile Applications: A Cesspool of Security Issues
An analysis of more than a half-million mobile apps find encryption problems, privacy issues, and known vulnerabilities in third-party code. What can users and developers do?
Published on: April 25, 2025 | Source:SAP zero-day vulnerability under widespread active exploitation
Researchers attribute the attacks to an initial access broker who is exploiting the 10.0 critical vulnerability. The post SAP zero-day vulnerability under widespread active exploitation appeared first on CyberScoop.
Published on: April 25, 2025 | Source:North Korean Hackers Spread Malware via Fake Crypto Firms and Job Interview Lures
North Korea-linked threat actors behind the Contagious Interview have set up front companies as a way to distribute malware during the fake hiring process. "In this new campaign, the threat actor group is using three front companies in the cryptocurrency consulting industry β BlockNovas LLC (blocknovas[.] com), Angeloper Agency (angeloper[.]com), and SoftGlide LLC (softglide[.]co) β to spread
Published on: April 25, 2025 | Source:How Organizations Can Leverage Cyber Insurance Effectively
By focusing on prevention, education, and risk transfer through insurance, organizations β especially SMEs β can protect themselves from the rapidly escalating threats of cyberattacks.
Published on: April 25, 2025 | Source:Lattica Emerges From Stealth With FHE Platform for AI
Lattica has raised $3.25 million in pre-seed funding for a platform that uses FHE to enable AI models to process encrypted data. The post Lattica Emerges From Stealth With FHE Platform for AI appeared first on SecurityWeek.
Published on: April 25, 2025 | Source:M-Trends 2025: State-Sponsored IT Workers Emerge as Global Threat
Mandiantβs latest threat report shows how attackers adapt faster than defenses, shifting strategies toward credential theft and insider threats. The post M-Trends 2025: State-Sponsored IT Workers Emerge as Global Threat appeared first on SecurityWeek.
Published on: April 25, 2025 | Source:Vehicles Face 45% More Attacks, 4 Times More Hackers
Two kinds of attacks are in high gear: ransomware attacks against OEMs and compromised electric vehicle chargers, according to data from Q1 2025.
Published on: April 25, 2025 | Source:Inside the Verizon 2025 DBIR: Five Trends That Signal a Shift in the Cyber Threat Economy
With over 12,000 breaches analyzed, this yearβs DBIR reveals a landscape shaped by not just individual threats, but by entire economies of compromise. The post Inside the Verizon 2025 DBIR: Five Trends That Signal a Shift in the Cyber Threat Economy appeared first on SecurityWeek.
Published on: April 25, 2025 | Source:Phishing Kit Darcula Gets Lethal AI Upgrade
Recently added artificial intelligence capabilities on the Chinese-language Darcula phishing-as-a-service platform make phishing attacks easy for even the least technical hackers.
Published on: April 25, 2025 | Source:Manifest Raises $15 Million for SBOM Management Platform
Software and AI supply chain transparency firm Manifest has raised $15 million in a Series A funding round led by Ensemble VC. The post Manifest Raises $15 Million for SBOM Management Platform appeared first on SecurityWeek.
Published on: April 25, 2025 | Source:In Other News: Prison for Disney Hacker, MITRE ATT&CK v17, Massive DDoS Botnet
Noteworthy stories that might have slipped under the radar: former Disney employee sent to prison for hacking, MITRE releases ATT&CK v17, DDoS botnet powered by 1.3 million devices. The post In Other News: Prison for Disney Hacker, MITRE ATT&CK v17, Massive DDoS Botnet appeared first on SecurityWeek.
Published on: April 25, 2025 | Source:South Korean Companies Targeted by Lazarus via Watering Hole Attacks, Zero-Days
Multiple South Korean organizations across industries have been targeted in a recent Lazarus campaign dubbed Operation SyncHole. The post South Korean Companies Targeted by Lazarus via Watering Hole Attacks, Zero-Days appeared first on SecurityWeek.
Published on: April 25, 2025 | Source:RSA Conference 2025 β Pre-Event Announcements Summary (Part 2)Β
Hundreds of companies are showcasing their products and services next week at the 2025 edition of the RSA Conference in San Francisco. The post RSA Conference 2025 β Pre-Event Announcements Summary (Part 2) appeared first on SecurityWeek.
Published on: April 25, 2025 | Source:New Critical SAP NetWeaver Flaw Exploited to Drop Web Shell, Brute Ratel Framework
Threat actors are likely exploiting a new vulnerability in SAP NetWeaver to upload JSP web shells with the goal of facilitating unauthorized file uploads and code execution. "The exploitation is likely tied to either a previously disclosed vulnerability like CVE-2017-9844 or an unreported remote file inclusion (RFI) issue," ReliaQuest said in a report published this week. The cybersecurity
Published on: April 25, 2025 | Source:Why NHIs Are Security's Most Dangerous Blind Spot
When we talk about identity in cybersecurity, most people think of usernames, passwords, and the occasional MFA prompt. But lurking beneath the surface is a growing threat that does not involve human credentials at all, as we witness the exponential growth of Non-Human Identities (NHIs). At the top of mind when NHIs are mentioned, most security teams immediately think of Service Accounts.
Published on: April 25, 2025 | Source:Deepfake 'doctors' take to TikTok to peddle bogus cures
Look out for AI-generated 'TikDocs' who exploit the public's trust in the medical profession to drive sales of sketchy supplements
Published on: April 25, 2025 | Source:Researchers Identify Rack::Static Vulnerability Enabling Data Breaches in Ruby Servers
Cybersecurity researchers have disclosed three security flaws in the Rack Ruby web server interface that, if successfully exploited, could enable attackers to gain unauthorized access to files, inject malicious data, and tamper with logs under certain conditions. The vulnerabilities, flagged by cybersecurity vendor OPSWAT, are listed below - CVE-2025-27610 (CVSS score: 7.5) - A path traversal
Published on: April 25, 2025 | Source:DslogdRAT Malware Deployed via Ivanti ICS Zero-Day CVE-2025-0282 in Japan Attacks
Cybersecurity researchers are warning about a new malware called DslogdRAT that's installed following the exploitation of a now-patched security flaw in Ivanti Connect Secure (ICS). The malware, along with a web shell, were "installed by exploiting a zero-day vulnerability at that time, CVE-2025-0282, during attacks against organizations in Japan around December 2024," JPCERT/CC researcher Yuma
Published on: April 25, 2025 | Source:CISA gets new No. 2: Madhu Gottumukkala
He served under then-South Dakota Gov. Kristi Noem, who now heads up the Department of Homeland Security. The post CISA gets new No. 2: Madhu Gottumukkala appeared first on CyberScoop.
Published on: April 24, 2025 | Source:VulnCheck spotted 159 actively exploited vulnerabilities in first few months of 2025
The vulnerability threat intelligence firmβs research reinforces a slew of recent reports warning about increased exploits in 2024. The post VulnCheck spotted 159 actively exploited vulnerabilities in first few months of 2025 appeared first on CyberScoop.
Published on: April 24, 2025 | Source:[Virtual Event] Anatomy of a Data Breach: And what to do if it happens to you
Published on: April 24, 2025 | Source:
AI speeds up analysis work for humans, two federal cyber officials say
More broadly, AI is viewed as being a double-edged sword in cybersecurity, one that can bolster both defensive and offensive operations. The post AI speeds up analysis work for humans, two federal cyber officials say appeared first on CyberScoop.
Published on: April 24, 2025 | Source:Digital Twins Bring Simulated Security to the Real World
By simulating business environments or running software, while incorporating real-time data from production systems, companies can model the impact of software updates, exploits, or disruptions.
Published on: April 24, 2025 | Source:'Digital Twins' Bring Simulated Security to the Real World
By simulating business environments or running software while incorporating real-time data from production systems, companies can model the impact of software updates, exploits, or disruptions.
Published on: April 24, 2025 | Source:Max-Severity Commvault Bug Alarms Researchers
Though already patched, the vulnerability is especially problematic because of the highly privileged access it offers to business-critical systems, sensitive data, and backups for attackers.
Published on: April 24, 2025 | Source:Judge tosses citizenship provisions in Trump elections order
Requests to block federal agencies from sharing federal data with states and to condition federal election funding were denied by Judge Colleen Kollar-Kotelly. The post Judge tosses citizenship provisions in Trump elections order appeared first on CyberScoop.
Published on: April 24, 2025 | Source:New Linux Rootkit
Interesting: The company has released a working rootkit called βCuringβ that uses io_uring, a feature built into the Linux kernel, to stealthily perform malicious activities without being caught by many of the detection solutions currently on the market. At the heart of the issue is the heavy reliance on monitoring system calls, which has become the go-to method for many cybersecurity vendors. The problem? Attackers...
Published on: April 24, 2025 | Source:NFC-Powered Android Malware Enables Instant Cash-Outs
Researchers at security vendor Cleafy detailed a malware known as "SuperCard X" that uses the NFC reader on a victim's own phone to steal credit card funds instantly.
Published on: April 24, 2025 | Source:Gig-Work Platforms at Risk for Data Breaches, Fraud, Account Takeovers
Fraudsters are targeting high-turnover workforces and compromising accounts that are associated with frequent payouts.
Published on: April 24, 2025 | Source:FBI: Cybercrime Losses Rocket to $16.6B in 2024
The losses are 33% higher than the year before, with phishing leading the way as the most-reported cybercrime last year, and ransomware was the top threat to critical infrastructure, according to the FBI Internet Crime Report.
Published on: April 24, 2025 | Source: