A threat actor called EncryptHub has compromised a game on Steam to distribute info-stealing malware to unsuspecting users downloading the title. […]
Mitel warns of critical MiVoice MX-ONE authentication bypass flaw
Mitel Networks has released security updates to patch a critical-severity authentication bypass vulnerability impacting its MiVoice MX-ONE enterprise communications platform. […]
CastleLoader Malware Infects 469 Devices Using Fake GitHub Repos and ClickFix Phishing
Cybersecurity researchers have shed light on a new versatile malware loader called CastleLoader that has been put to use in campaigns distributing various information stealers and remote access trojans (RATs).
The activity employs Cloudflare-themed ClickFix phishing attacks and fake GitHub repositories opened under the names of legitimate applications, Swiss cybersecurity company PRODAFT said in
The activity employs Cloudflare-themed ClickFix phishing attacks and fake GitHub repositories opened under the names of legitimate applications, Swiss cybersecurity company PRODAFT said in
Sophos and SonicWall Patch Critical RCE Flaws Affecting Firewalls and SMA 100 Devices
Sophos and SonicWall have alerted users of critical security flaws in Sophos Firewall and Secure Mobile Access (SMA) 100 Series appliances that could be exploited to achieve remote code execution.
The two vulnerabilities impacting Sophos Firewall are listed below –
The two vulnerabilities impacting Sophos Firewall are listed below –
CVE-2025-6704 (CVSS score: 9.8) – An arbitrary file writing vulnerability in the Secure PDF eXchange (SPX) feature can lead
HeroDevs Raises $125 Million to Secure Deprecated OSS
HeroDevs has received a $125 million strategic growth investment from PSG to secure enterprise security stacks.
The post HeroDevs Raises $125 Million to Secure Deprecated OSS appeared first on SecurityWeek.
Hackers breach Toptal GitHub account, publish malicious npm packages
Hackers compromised Toptal’s GitHub organization account and used their access to publish ten malicious packages on the Node Package Manager (NPM) index. […]
New York Seeking Public Opinion on Water Systems Cyber Regulations
The proposed cyber regulations include the implementation of incident reporting, response plans, and cybersecurity controls, training, and certification of compliance.
The post New York Seeking Public Opinion on Water Systems Cyber Regulations appeared first on SecurityWeek.
GRC Firm Vanta Raises $150 Million at $4.15 Billion Valuation
Risk management and compliance solutions provider Vanta has raised more than $500 million since 2021.
The post GRC Firm Vanta Raises $150 Million at $4.15 Billion Valuation appeared first on SecurityWeek.
Clorox Sues Cognizant for $380 Million Over 2023 Hack
Clorox is blaming Congnizat for the 2023 cyberattack, claiming that the IT provided handed over passwords to the hackers.
The post Clorox Sues Cognizant for $380 Million Over 2023 Hack appeared first on SecurityWeek.
Watch This Webinar to Uncover Hidden Flaws in Login, AI, and Digital Trust — and Fix Them
Is Managing Customer Logins and Data Giving You Headaches? You’re Not Alone!
Today, we all expect super-fast, secure, and personalized online experiences. But let’s be honest, we’re also more careful about how our data is used. If something feels off, trust can vanish in an instant. Add to that the lightning-fast changes AI is bringing to everything from how we log in to spotting online fraud,
Today, we all expect super-fast, secure, and personalized online experiences. But let’s be honest, we’re also more careful about how our data is used. If something feels off, trust can vanish in an instant. Add to that the lightning-fast changes AI is bringing to everything from how we log in to spotting online fraud,