VMS firm Valsoft Corporation says the personal information of over 160,000 people was compromised in a February 2025 data breach.
The post 160,000 Impacted by Valsoft Data Breach appeared first on SecurityWeek.
Malicious NPM Packages Target Cursor AI’s macOS Users
Three NPM packages posing as developer tools for Cursor AI code editor’s macOS version contain a backdoor.
The post Malicious NPM Packages Target Cursor AI’s macOS Users appeared first on SecurityWeek.
Rising Tides: Kelley Misata on Bringing Cybersecurity to Nonprofits
Sightline Security’s founder explains why nonprofits need cybersecurity solutions tailored to their unique missions — and why vendors need to listen.
The post Rising Tides: Kelley Misata on Bringing Cybersecurity to Nonprofits appeared first on SecurityWeek.
Initial Access Brokers Target Brazil Execs via NF-e Spam and Legit RMM Trials
Cybersecurity researchers are warning of a new campaign that’s targeting Portuguese-speaking users in Brazil with trial versions of commercial remote monitoring and management (RMM) software since January 2025.
“The spam message uses the Brazilian electronic invoice system, NF-e, as a lure to entice users into clicking hyperlinks and accessing malicious content hosted in Dropbox,” Cisco Talos
“The spam message uses the Brazilian electronic invoice system, NF-e, as a lure to entice users into clicking hyperlinks and accessing malicious content hosted in Dropbox,” Cisco Talos
Deploying AI Agents? Learn to Secure Them Before Hackers Strike Your Business
AI agents are changing the way businesses work. They can answer questions, automate tasks, and create better user experiences. But with this power comes new risks — like data leaks, identity theft, and malicious misuse.
If your company is exploring or already using AI agents, you need to ask: Are they secure?
AI agents work with sensitive data and make real-time decisions. If they’re not
If your company is exploring or already using AI agents, you need to ask: Are they secure?
AI agents work with sensitive data and make real-time decisions. If they’re not
SAP Zero-Day Targeted Since January, Many Sectors Impacted
Hundreds of SAP NetWeaver instances hacked via a zero-day that allows remote code execution, not only arbitrary file uploads, as initially believed.
The post SAP Zero-Day Targeted Since January, Many Sectors Impacted appeared first on SecurityWeek.
Company and Personal Data Compromised in Recent Insight Partners Hack
VC firm Insight Partners is informing partners and employees that their information was exposed in the January 2025 cyberattack.
The post Company and Personal Data Compromised in Recent Insight Partners Hack appeared first on SecurityWeek.
Beyond Vulnerability Management – Can You CVE What I CVE?
The Vulnerability Treadmill
The reactive nature of vulnerability management, combined with delays from policy and process, strains security teams. Capacity is limited and patching everything immediately is a struggle. Our Vulnerability Operation Center (VOC) dataset analysis identified 1,337,797 unique findings (security issues) across 68,500 unique customer assets. 32,585 of them were distinct
The reactive nature of vulnerability management, combined with delays from policy and process, strains security teams. Capacity is limited and patching everything immediately is a struggle. Our Vulnerability Operation Center (VOC) dataset analysis identified 1,337,797 unique findings (security issues) across 68,500 unique customer assets. 32,585 of them were distinct
Valuable Information Leaked in LockBit Ransomware Hack
Private messages, Bitcoin addresses, victim data, and attacker information were leaked after someone hacked a LockBit admin panel.
The post Valuable Information Leaked in LockBit Ransomware Hack appeared first on SecurityWeek.
Google Rolls Out On-Device AI Protections to Detect Scams in Chrome and Android
Google on Thursday announced it’s rolling out new artificial intelligence (AI)-powered countermeasures to combat scams across Chrome, Search, and Android.
The tech giant said it will begin using Gemini Nano, its on-device large language model (LLM), to improve Safe Browsing in Chrome 137 on desktops.
“The on-device approach provides instant insight on risky websites and allows us to offer
The tech giant said it will begin using Gemini Nano, its on-device large language model (LLM), to improve Safe Browsing in Chrome 137 on desktops.
“The on-device approach provides instant insight on risky websites and allows us to offer