Tonic Security has emerged from stealth mode to tackle the complexity of exposure and vulnerability management.
The post Tonic Security Launches With $7 Million in Seed Funding appeared first on SecurityWeek.
Apple Patches Safari Vulnerability Flagged as Exploited Against Chrome
Tracked as CVE-2025-6558, the flaw was found in Chrome’s ANGLE and GPU components and was flagged as exploited by Google TAG.
The post Apple Patches Safari Vulnerability Flagged as Exploited Against Chrome appeared first on SecurityWeek.
Hackers Exploit SAP Vulnerability to Breach Linux Systems and Deploy Auto-Color Malware
Threat actors have been observed exploiting a now-patched critical SAP NetWeaver flaw to deliver the Auto-Color backdoor in an attack targeting a U.S.-based chemicals company in April 2025.
“Over the course of three days, a threat actor gained access to the customer’s network, attempted to download several suspicious files and communicated with malicious infrastructure linked to Auto-Color
“Over the course of three days, a threat actor gained access to the customer’s network, attempted to download several suspicious files and communicated with malicious infrastructure linked to Auto-Color
Axonius Acquires Medical Device Security Firm Cynerio in $100 Million Deal
Axonius has acquired Cynerio for $100 million in cash and stock to accelerate its expansion into the healthcare market.
The post Axonius Acquires Medical Device Security Firm Cynerio in $100 Million Deal appeared first on SecurityWeek.
Scattered Spider Hacker Arrests Halt Attacks, But Copycat Threats Sustain Security Pressure
Google Cloud’s Mandiant Consulting has revealed that it has witnessed a drop in activity from the notorious Scattered Spider group, but emphasized the need for organizations to take advantage of the lull to shore up their defenses.
“Since the recent arrests tied to the alleged Scattered Spider (UNC3944) members in the U.K., Mandiant Consulting hasn’t observed any new intrusions directly
“Since the recent arrests tied to the alleged Scattered Spider (UNC3944) members in the U.K., Mandiant Consulting hasn’t observed any new intrusions directly
Tea App Takes Messaging System Offline After Second Security Issue Reported
Tea has said about 72,000 images were leaked online in the initial incident, and another 59,000 images publicly viewable in the app from posts, comments and direct messages were also accessed.
The post Tea App Takes Messaging System Offline After Second Security Issue Reported appeared first on SecurityWeek.
Minnesota activates National Guard after St. Paul cyberattack
Minnesota Governor Tim Walz has activated the National Guard in response to a crippling cyberattack that struck the City of Saint Paul, the state’s capital, on Friday. […]
Russian airline Aeroflot grounds dozens of flights after cyberattack
Aeroflot, Russia’s flag carrier, has suffered a cyberattack that resulted in the cancellation of more than 60 flights and severe delays on additional flights. […]
Lenovo Firmware Vulnerabilities Allow Persistent Implant Deployment
Vulnerabilities discovered by Binarly in Lenovo devices allow privilege escalation, code execution, and security bypass.
The post Lenovo Firmware Vulnerabilities Allow Persistent Implant Deployment appeared first on SecurityWeek.
Hackers exploit SAP NetWeaver bug to deploy Linux Auto-Color malware
Hackers were spotted exploiting a critical SAP NetWeaver vulnerability tracked as CVE-2025-31324 to deploy the Auto-Color Linux malware in a cyberattack on a U.S.-based chemicals company. […]