The Information Commissioner’s Office (ICO) in the UK has fined Capita, a provider of data-driven business process services, £14 million ($18.7 million) for a data breach incident in 2023 that exposed the personal information of 6.6 million people. […]
PowerSchool hacker gets sentenced to four years in prison
19-year-old college student Matthew D. Lane, from Worcester, Massachusetts, was sentenced to 4 years in prison for orchestrating a cyberattack on PowerSchool in December 2024 that resulted in a massive data breach. […]
Fake LastPass, Bitwarden breach alerts lead to PC hijacks
An ongoing phishing campaign is targeting LastPass and Bitwarden users with fake emails claiming that the companies were hacked, urging them to download a supposedly more secure desktop version of the password manager. […]
F5 releases BIG-IP patches for stolen security vulnerabilities
Cybersecurity company F5 has released security updates to address BIG-IP vulnerabilities stolen in a breach detected on August 9, 2025. […]
Chinese Threat Group ‘Jewelbug’ Quietly Infiltrated Russian IT Network for Months
A threat actor with ties to China has been attributed to a five-month-long intrusion targeting a Russian IT service provider, marking the hacking group’s expansion to the country beyond Southeast Asia and South America.
The activity, which took place from January to May 2025, has been attributed by Broadcom-owned Symantec to a threat actor it tracks as Jewelbug, which it said overlaps with
The activity, which took place from January to May 2025, has been attributed by Broadcom-owned Symantec to a threat actor it tracks as Jewelbug, which it said overlaps with
SecurityWeek to Host 2025 ICS Cybersecurity Conference October 27-30 in Atlanta
Premier industrial cybersecurity conference Offers 70+ sessions, five training courses, and and ICS Village CTF competition.
The post SecurityWeek to Host 2025 ICS Cybersecurity Conference October 27-30 in Atlanta appeared first on SecurityWeek.
F5 Breach Exposes BIG-IP Source Code — Nation-State Hackers Behind Massive Intrusion
U.S. cybersecurity company F5 on Wednesday disclosed that unidentified threat actors broke into its systems and stole files containing some of BIG-IP’s source code and information related to undisclosed vulnerabilities in the product.
It attributed the activity to a “highly sophisticated nation-state threat actor,” adding the adversary maintained long-term, persistent access to its network. The
It attributed the activity to a “highly sophisticated nation-state threat actor,” adding the adversary maintained long-term, persistent access to its network. The
Microsoft: Sept Windows Server updates cause Active Directory issues
Microsoft has confirmed that the September 2025 security updates are causing Active Directory issues on Windows Server 2025 systems. […]
Clothing giant MANGO discloses data breach exposing customer info
Spanish fashion retailer MANGO is sending notices of a data breach to its customers, warning that its marketing vendor suffered a compromise exposing personal data. […]
F5 Blames Nation-State Hackers for Theft of Source Code and Vulnerability Data
F5 has not shared too much information on the threat actor, but the attack profile seems to point to China.
The post F5 Blames Nation-State Hackers for Theft of Source Code and Vulnerability Data appeared first on SecurityWeek.