Microsoft has released Windows 11 KB5066835 and KB5066793 cumulative updates for versions 25H2/24H2 and 23H2 to fix security vulnerabilities and issues. […]
US seizes $15 billion in crypto from ‘pig butchering’ kingpin
The U.S. Department of Justice has seized $15 billion in bitcoin from the leader of Prince Group, a criminal organization that stole billions of dollars from victims in the United States through cryptocurrency investment scams, also known as romance baiting or pig butchering. […]
Chinese Hackers Exploit ArcGIS Server as Backdoor for Over a Year
Threat actors with ties to China have been attributed to a novel campaign that compromised an ArcGIS system and turned it into a backdoor for more than a year.
The activity, per ReliaQuest, is the handiwork of a Chinese state-sponsored hacking group called Flax Typhoon, which is also tracked as Ethereal Panda and RedJuliett. According to the U.S. government, it’s assessed to be a publicly-traded
The activity, per ReliaQuest, is the handiwork of a Chinese state-sponsored hacking group called Flax Typhoon, which is also tracked as Ethereal Panda and RedJuliett. According to the U.S. government, it’s assessed to be a publicly-traded
Oracles silently fixes zero-day exploit leaked by ShinyHunters
Oracle has silently fixed an Oracle E-Business Suite vulnerability (CVE-2025-61884) that was actively exploited to breach servers, with a proof-of-concept exploit publicly leaked by the ShinyHunters extortion group. […]
HyperBunker Raises Seed Funding to Launch Next-Generation Anti-Ransomware Device
Investors are placing bets on a hardware-based approach to data security in a market dominated by software solutions for ransomware resilience.
The post HyperBunker Raises Seed Funding to Launch Next-Generation Anti-Ransomware Device appeared first on SecurityWeek.
Microsoft warns that Windows 10 reaches end of support today
Microsoft has reminded customers today that Windows 10 has reached the end of support and will no longer receive patches for newly discovered security vulnerabilities. […]
Cybereason Acquired by MSSP Giant LevelBlue
This is LevelBlue’s third acquisition this year, after Trustwave and Aon’s Cybersecurity & IP Litigation Consulting groups.
The post Cybereason Acquired by MSSP Giant LevelBlue appeared first on SecurityWeek.
Security firms debate CVE credit in overlapping vulnerability reports
FuzzingLabs has accused the YCombinator-backed startup, Gecko Security, of replicating its vulnerability disclosures. Gecko allegedly filed for 2 CVEs based on FuzzingLabs’ reports without crediting them. Gecko denies any wrongdoing, calling the allegations a misunderstanding over disclosure process. […]
When AI Agents Join the Teams: The Hidden Security Shifts No One Expects
AI assistants are no longer just helping — they’re acting. Autonomous agents now open tickets, fix incidents, and make decisions faster than humans can monitor. As “Shadow AI” spreads, learn from Token Security why orgs must govern these agents like powerful new identities before oversight disappears. […]
SAP Patches Critical Vulnerabilities in NetWeaver, Print Service, SRM
SAP has rolled out additional protections for insecure deserialization bugs resolved in NetWeaver AS Java recently.
The post SAP Patches Critical Vulnerabilities in NetWeaver, Print Service, SRM appeared first on SecurityWeek.