The Amazon Threat Intelligence team has disrupted active operations attributed to hackers working for the Russian foreign military intelligence agency, the GRU, who targeted customers’ cloud infrastructure. […]
From Open Source to OpenAI: The Evolution of Third-Party Risk
From open source libraries to AI-powered coding assistants, speed-driven development is introducing new third-party risks that threat actors are increasingly exploiting.
The post From Open Source to OpenAI: The Evolution of Third-Party Risk appeared first on SecurityWeek.
Texas sues TV makers for taking screenshots of what people watch
The Texas Attorney General sued five major television manufacturers, accusing them of illegally collecting their users’ data by secretly recording what they watch using Automated Content Recognition (ACR) technology. […]
Compromised IAM Credentials Power a Large AWS Crypto Mining Campaign
An ongoing campaign has been observed targeting Amazon Web Services (AWS) customers using compromised Identity and Access Management (IAM) credentials to enable cryptocurrency mining.
The activity, first detected by Amazon’s GuardDuty managed threat detection service and its automated security monitoring systems on November 2, 2025, employs never-before-seen persistence techniques to hamper
The activity, first detected by Amazon’s GuardDuty managed threat detection service and its automated security monitoring systems on November 2, 2025, employs never-before-seen persistence techniques to hamper
Hackers exploit newly patched Fortinet auth bypass flaws
Hackers are exploiting critical-severity vulnerabilities affecting multiple Fortinet products to get unauthorized access to admin accounts and steal system configuration files. […]
Rogue NuGet Package Poses as Tracer.Fody, Steals Cryptocurrency Wallet Data
Cybersecurity researchers have discovered a new malicious NuGet package that typosquats and impersonates the popular .NET tracing library and its author to sneak in a cryptocurrency wallet stealer.
The malicious package, named “Tracer.Fody.NLog,” remained on the repository for nearly six years. It was published by a user named “csnemess” on February 26, 2020. It masquerades as “Tracer.Fody,”
The malicious package, named “Tracer.Fody.NLog,” remained on the repository for nearly six years. It was published by a user named “csnemess” on February 26, 2020. It masquerades as “Tracer.Fody,”
Cyberattack disrupts Venezuelan oil giant PDVSA’s operations
Petróleos de Venezuela (PDVSA), Venezuela’s state-owned oil company, was hit by a cyberattack over the weekend that disrupted its export operations. […]
The Hidden Risk in Virtualization: Why Hypervisors are a Ransomware Magnet
Ransomware groups are targeting hypervisors to maximize impact, allowing a single breach to encrypt dozens of virtual machines at once. Drawing on real-world incident data, Huntress explains how attackers exploit visibility gaps at the hypervisor layer and outlines steps orgs can take to harden virtualization infrastructure. […]
CISO Communities – Cybersecurity’s Secret Weapon
Closed CISO communities act as an information exchange, advice center, pressure valve, and safe haven from critical oversight.
The post CISO Communities – Cybersecurity’s Secret Weapon appeared first on SecurityWeek.
700,000 Records Compromised in Askul Ransomware Attack
The e-commerce and logistics company was targeted by the RansomHouse ransomware group in October.
The post 700,000 Records Compromised in Askul Ransomware Attack appeared first on SecurityWeek.