A software developer has been sentenced to four years in prison for sabotaging his ex-employer’s Windows network with custom malware and a kill switch that locked out employees when his account was disabled. […]
Colt confirms customer data stolen as Warlock ransomware auctions files
UK-based telecommunications company Colt Technology Services confirms that customer documentation was stolen as Warlock ransomware gang auctions files. […]
Pre-Auth Exploit Chains Found in Commvault Could Enable Remote Code Execution Attacks
Commvault has released updates to address four security gaps that could be exploited to achieve remote code execution on susceptible instances.
The list of vulnerabilities, identified in Commvault versions before 11.36.60, is as follows –
The list of vulnerabilities, identified in Commvault versions before 11.36.60, is as follows –
CVE-2025-57788 (CVSS score: 6.9) – A vulnerability in a known login mechanism allows unauthenticated attackers to execute API calls without requiring user
Europol confirms $50,000 Qilin ransomware reward is fake
Europol has confirmed that a Telegram channel impersonating the agency and offering a $50,000 reward for information on two Qilin ransomware administrators is fake. The impostor later admitted it was created to troll researchers and journalists. […]
Cybercriminals Deploy CORNFLAKE.V3 Backdoor via ClickFix Tactic and Fake CAPTCHA Pages
Threat actors have been observed leveraging the deceptive social engineering tactic known as ClickFix to deploy a versatile backdoor codenamed CORNFLAKE.V3.
Google-owned Mandiant described the activity, which it tracks as UNC5518, as part of an access-as-a-service scheme that employs fake CAPTCHA pages as lures to trick users into providing initial access to their systems, which is then
Google-owned Mandiant described the activity, which it tracks as UNC5518, as part of an access-as-a-service scheme that employs fake CAPTCHA pages as lures to trick users into providing initial access to their systems, which is then
Telecom Firm Colt Confirms Data Breach as Ransomware Group Auctions Files
Colt Technology Services is working on restoring systems disrupted by a ransomware attack that involved data theft.
The post Telecom Firm Colt Confirms Data Breach as Ransomware Group Auctions Files appeared first on SecurityWeek.
Microsoft asks customers for feedback on SSD failure issues
​Microsoft is seeking further information from customers who reported failure and data corruption issues affecting their solid-state drives (SSDs) and hard disk drives (HDDs) after installing the August 2025 security update. […]
Why Certified VMware Pros Are Driving the Future of IT
From hybrid cloud to AI, IT complexity and security risks are accelerating. Certified VMware pros bring clarity and resilience that keep teams ahead. See why CIOs are making certification a workforce strategy with VMUG. […]
Scattered Spider Hacker Sentenced to Prison
Noah Urban was sentenced to 10 years in prison for his role in the notorious cybercriminal operation known as Scattered Spider.
The post Scattered Spider Hacker Sentenced to Prison appeared first on SecurityWeek.
Password Managers Vulnerable to Data Theft via Clickjacking
A researcher has tested nearly a dozen password managers and found that they were all vulnerable to clickjacking attacks.
The post Password Managers Vulnerable to Data Theft via Clickjacking appeared first on SecurityWeek.