An APT hacking group known as ‘Stealth Falcon’ exploited a Windows WebDav RCE vulnerability in zero-day attacks since March 2025 against defense and government organizations in Turkey, Qatar, Egypt, and Yemen. […]
Microsoft creates separate Windows 11 24H2 update for incompatible PCs
Microsoft confirmed on Tuesday that it’s pushing a revised security update targeting some Windows 11 24H2 systems incompatible with the initial update released during this month’s Patch Tuesday. […]
Securonix Acquires Threat Intelligence Firm ThreatQuotient
Cybersecurity heavyweight Securonix acquires ThreatQuotient to boost plans to build an all-in-one security operations stack.
The post Securonix Acquires Threat Intelligence Firm ThreatQuotient appeared first on SecurityWeek.
Maze Banks $25M to Tackle Cloud Security with AI Agents
Maze and its investors are betting on finding profits in software that uses AI-powered agents to automate critical parts of the process.
The post Maze Banks $25M to Tackle Cloud Security with AI Agents appeared first on SecurityWeek.
Brute-force attacks target Apache Tomcat management panels
A coordinated campaign of brute-force attacks using hundreds of unique IP addresses targets Apache Tomcat Manager interfaces exposed online. […]
Flaw in Industrial Computer Maker’s UEFI Apps Enables Secure Boot Bypass on Many Devices
Vulnerable DTResearch UEFI firmware applications can be used in BYOVD attacks to bypass Secure Boot.
The post Flaw in Industrial Computer Maker’s UEFI Apps Enables Secure Boot Bypass on Many Devices appeared first on SecurityWeek.
Operation Secure disrupts global infostealer malware operations
An international law enforcement action codenamed “Operation Secure” targeted infostealer malware infrastructure in a massive crackdown across 26 countries, resulting in 32 arrests, data seizures, and server takedowns. […]
295 Malicious IPs Launch Coordinated Brute-Force Attacks on Apache Tomcat Manager
Threat intelligence firm GreyNoise has warned of a “coordinated brute-force activity” targeting Apache Tomcat Manager interfaces.
The company said it observed a surge in brute-force and login attempts on June 5, 2025, an indication that they could be deliberate efforts to “identify and access exposed Tomcat services at scale.”
To that end, 295 unique IP addresses have been found to be engaged
The company said it observed a surge in brute-force and login attempts on June 5, 2025, an indication that they could be deliberate efforts to “identify and access exposed Tomcat services at scale.”
To that end, 295 unique IP addresses have been found to be engaged
Webinar Today: Rethinking Endpoint Hardening for Today’s Attack Landscape
Learn how attackers hide in plain sight—and what you can do to stop them without slowing down your business.
The post Webinar Today: Rethinking Endpoint Hardening for Today’s Attack Landscape appeared first on SecurityWeek.
Microsoft fixes unreachable Windows Server domain controllers
Microsoft has resolved a known issue that caused some Windows Server 2025 domain controllers to become unreachable after a restart and triggered app or service failures. […]