Law enforcement authorities in Africa have arrested over 1,200 suspects as part of ‘Operation Serengeti 2.0,’ an INTERPOL-led international crackdown targeting cross-border cybercriminal gangs. […]
CPAP Medical Data Breach Impacts 90,000 People
CPAP Medical Supplies and Services has disclosed a data breach resulting from an intrusion that occurred in December 2024.
The post CPAP Medical Data Breach Impacts 90,000 People appeared first on SecurityWeek.
DaVita says ransomware gang stole data of nearly 2.7 million people
Kidney dialysis firm DaVita has confirmed that a ransomware gang that breached its network stole the personal and health information of nearly 2.7 million individuals. […]
AWS Trusted Advisor Tricked Into Showing Unprotected S3 Buckets as Secure
AWS has addressed a vulnerability that could have been leveraged to bypass Trusted Advisor’s S3 bucket permissions check.
The post AWS Trusted Advisor Tricked Into Showing Unprotected S3 Buckets as Secure appeared first on SecurityWeek.
Hundreds Targeted in New Atomic macOS Stealer Campaign
Between June and August, over 300 entities were targeted with the Atomic macOS Stealer via malvertising.
The post Hundreds Targeted in New Atomic macOS Stealer Campaign appeared first on SecurityWeek.
MITRE Updates List of Most Common Hardware Weaknesses
MITRE has updated the list of Most Important Hardware Weaknesses to align it with evolving hardware security challenges.
The post MITRE Updates List of Most Common Hardware Weaknesses appeared first on SecurityWeek.
Ex-Developer Jailed Four Years for Sabotaging Ohio Employer with Kill-Switch Malware
A 55-year-old Chinese national has been sentenced to four years in prison and three years of supervised release for sabotaging his former employer’s network with custom malware and deploying a kill switch that locked out employees when his account was disabled.
Davis Lu, 55, of Houston, Texas, was convicted of causing intentional damage to protected computers in March 2025. He was arrested and
Davis Lu, 55, of Houston, Texas, was convicted of causing intentional damage to protected computers in March 2025. He was arrested and
Dev gets 4 years for creating kill switch on ex-employer’s systems
A software developer has been sentenced to four years in prison for sabotaging his ex-employer’s Windows network with custom malware and a kill switch that locked out employees when his account was disabled. […]
Colt confirms customer data stolen as Warlock ransomware auctions files
UK-based telecommunications company Colt Technology Services confirms that customer documentation was stolen as Warlock ransomware gang auctions files. […]
Pre-Auth Exploit Chains Found in Commvault Could Enable Remote Code Execution Attacks
Commvault has released updates to address four security gaps that could be exploited to achieve remote code execution on susceptible instances.
The list of vulnerabilities, identified in Commvault versions before 11.36.60, is as follows –
The list of vulnerabilities, identified in Commvault versions before 11.36.60, is as follows –
CVE-2025-57788 (CVSS score: 6.9) – A vulnerability in a known login mechanism allows unauthenticated attackers to execute API calls without requiring user