The UNC2891 hacking group, also known as LightBasin, used a 4G-equipped Raspberry Pi hidden in a bank’s network to bypass security defenses in a newly discovered attack. […]
Hackers Use Facebook Ads to Spread JSCEAL Malware via Fake Cryptocurrency Trading Apps
Cybersecurity researchers are calling attention to an ongoing campaign that distributes fake cryptocurrency trading apps to deploy a compiled V8 JavaScript (JSC) malware called JSCEAL that can capture data from credentials and wallets.
The activity leverages thousands of malicious advertisements posted on Facebook in an attempt to redirect unsuspecting victims to counterfeit sites that instruct
The activity leverages thousands of malicious advertisements posted on Facebook in an attempt to redirect unsuspecting victims to counterfeit sites that instruct
FunkSec Ransomware Decryptor Released Free to Public After Group Goes Dormant
Cybersecurity experts have released a decryptor for a ransomware strain called FunkSec, allowing victims to recover access to their files for free.
“Because the ransomware is now considered dead, we released the decryptor for public download,” Gen Digital researcher Ladislav Zezula said.
FunkSec, which emerged towards the end of 2024, has claimed 172 victims, according to data from
“Because the ransomware is now considered dead, we released the decryptor for public download,” Gen Digital researcher Ladislav Zezula said.
FunkSec, which emerged towards the end of 2024, has claimed 172 victims, according to data from
Apple patches security flaw exploited in Chrome zero-day attacks
Apple has released security updates to address a high-severity vulnerability that has been exploited in zero-day attacks targeting Google Chrome users. […]
New Lenovo UEFI firmware updates fix Secure Boot bypass flaws
Lenovo is warning about high-severity BIOS flaws that could allow attackers to potentially bypass Secure Boot in all-in-one desktop PC models that use customized Insyde UEFI (Unified Extensible Firmware Interface). […]
BlinkOps Raises $50 Million for Agentic Security Automation Platform
BlinkOps has announced a Series B funding round that brings the total raised by the company for its micro-agents builder to $90 million.
The post BlinkOps Raises $50 Million for Agentic Security Automation Platform appeared first on SecurityWeek.
Legion Emerges From Stealth With $38 Million in Funding
Legion has raised $38 million in seed and Series A funding for its browser-native AI Security Operations Center (SOC) platform.
The post Legion Emerges From Stealth With $38 Million in Funding appeared first on SecurityWeek.
Scattered Spider Activity Drops Following Arrests, but Others Adopting Group’s Tactics
Multiple financially motivated threat actors are targeting backup systems and employing Scattered Spider’s social engineering techniques.
The post Scattered Spider Activity Drops Following Arrests, but Others Adopting Group’s Tactics appeared first on SecurityWeek.
Palo Alto Networks to Acquire CyberArk for $25 Billion
Strategic acquisitions marks Palo Alto Networks’ formal entry into the identity security space and accelerates its platform strategy.
The post Palo Alto Networks to Acquire CyberArk for $25 Billion appeared first on SecurityWeek.
AI Cuts vCISO Workload by 68% as Demand Skyrockets, New Report Finds
AI is reshaping vCISO services—and SMBs are fueling the surge. Cynomi’s 2025 report shows 3x adoption growth and major workload drops as MSPs and MSSPs scale cybersecurity like never before. Learn more in the 2025 State of the vCISO Report. […]