Patterns of concerning behavior led Google to remove trust in certificates from Chunghwa Telecom and Netlock from Chrome.
The post Chrome to Distrust Chunghwa Telecom and Netlock Certificates appeared first on SecurityWeek.
The Secret Defense Strategy of Four Critical Industries Combating Advanced Cyber Threats
The evolution of cyber threats has forced organizations across all industries to rethink their security strategies. As attackers become more sophisticated — leveraging encryption, living-off-the-land techniques, and lateral movement to evade traditional defenses — security teams are finding more threats wreaking havoc before they can be detected. Even after an attack has been identified, it can
Alleged Conti, TrickBot Gang Leader Unmasked
Russian national Vitaly Nikolaevich Kovalev is believed to be the leader of the Conti and TrickBot cybercrime groups.
The post Alleged Conti, TrickBot Gang Leader Unmasked appeared first on SecurityWeek.
Technical Details Published for Critical Cisco IOS XE Vulnerability
The critical flaw, tracked as CVE-2025-20188 (CVSS score of 10/10), allows attackers to execute arbitrary code remotely.
The post Technical Details Published for Critical Cisco IOS XE Vulnerability appeared first on SecurityWeek.
Counter Antivirus Service AVCheck Shut Down by Law Enforcement
Counter antivirus services such as AVCheck allow cybercriminals to test whether their malware is detected by antivirus products.
The post Counter Antivirus Service AVCheck Shut Down by Law Enforcement appeared first on SecurityWeek.
US Government Is Investigating Messages Impersonating Trump’s Chief of Staff, Susie Wiles
Elected officials, business executives and other prominent figures in recent weeks received messages from someone impersonating Susie Wiles.
The post US Government Is Investigating Messages Impersonating Trump’s Chief of Staff, Susie Wiles appeared first on SecurityWeek.
In Other News: PoC for Fortinet Bug, AI Model Subverts Shutdown, RAT Source Code Leaked
Noteworthy stories that might have slipped under the radar: simple PoC code released for Fortinet zero-day, OpenAI O3 disobeys shutdown orders, source code of SilverRAT emerges online.
The post In Other News: PoC for Fortinet Bug, AI Model Subverts Shutdown, RAT Source Code Leaked appeared first on SecurityWeek.
Fake Recruiter Emails Target CFOs Using Legit NetBird Tool Across 6 Global Regions
Cybersecurity researchers have warned of a new spear-phishing campaign that uses a legitimate remote access tool called Netbird to target Chief Financial Officers (CFOs) and financial executives at banks, energy companies, insurers, and investment firms across Europe, Africa, Canada, the Middle East, and South Asia.
“In what appears to be a multi-stage phishing operation, the attackers
“In what appears to be a multi-stage phishing operation, the attackers
Exploit details for max severity Cisco IOS XE flaw now public
Technical details about a maximum-severity Cisco IOS XE WLC arbitrary file upload flaw tracked as CVE-2025-20188 have been made publicly available, bringing us closer to a working exploit. […]
New Linux Flaws Allow Password Hash Theft via Core Dumps in Ubuntu, RHEL, Fedora
Two information disclosure flaws have been identified in apport and systemd-coredump, the core dump handlers in Ubuntu, Red Hat Enterprise Linux, and Fedora, according to the Qualys Threat Research Unit (TRU).
Tracked as CVE-2025-5054 and CVE-2025-4598, both vulnerabilities are race condition bugs that could enable a local attacker to obtain access to access sensitive information. Tools like
Tracked as CVE-2025-5054 and CVE-2025-4598, both vulnerabilities are race condition bugs that could enable a local attacker to obtain access to access sensitive information. Tools like