Criminal IP now integrates with IBM QRadar SIEM and SOAR to bring external IP-based threat intelligence directly into detection and response workflows. See how risk scoring and automated enrichment help SOC teams prioritize high-risk IPs and accelerate investigations without leaving QRadar. […]
In Other News: Google Looks at AI Abuse, Trump Pauses China Bans, Disney’s $2.7M Fine
Other noteworthy stories that might have slipped under the radar: vulnerabilities at 277 water systems, DoD employee acting as money mule, 200 airports exposed by flaw.
The post In Other News: Google Looks at AI Abuse, Trump Pauses China Bans, Disney’s $2.7M Fine appeared first on SecurityWeek.
Check Point Announces Trio of Acquisitions Amid Solid 2025 Earnings Beat
Check Point has acquired Israeli cybersecurity companies Cyata, Cyclops, and Rotate.
The post Check Point Announces Trio of Acquisitions Amid Solid 2025 Earnings Beat appeared first on SecurityWeek.
CISA flags critical Microsoft SCCM flaw as exploited in attacks
CISA ordered federal agencies on Thursday to secure their systems against a critical Microsoft Configuration Manager vulnerability patched in October 2024 and now exploited in attacks. […]
Dutch Carrier Odido Discloses Data Breach Impacting 6 Million
Hackers stole personal information such as names, addresses, and phone numbers from a customer contact system.
The post Dutch Carrier Odido Discloses Data Breach Impacting 6 Million appeared first on SecurityWeek.
CISA Announces New Town Halls to Engage with Stakeholders on Cyber Incident Reporting for Critical Infrastructure
Malicious Chrome Extensions Caught Stealing Business Data, Emails, and Browsing History
Cybersecurity researchers have discovered a malicious Google Chrome extension that’s designed to steal data associated with Meta Business Suite and Facebook Business Manager.
The extension, named CL Suite by @CLMasters (ID: jkphinfhmfkckkcnifhjiplhfoiefffl), is marketed as a way to scrape Meta Business Suite data, remove verification pop-ups, and generate two-factor authentication (2FA) codes.
The extension, named CL Suite by @CLMasters (ID: jkphinfhmfkckkcnifhjiplhfoiefffl), is marketed as a way to scrape Meta Business Suite data, remove verification pop-ups, and generate two-factor authentication (2FA) codes.
BeyondTrust Vulnerability Targeted by Hackers Within 24 Hours of PoC Release
Exploitation attempts target CVE-2026-1731, a critical unauthenticated remote code execution flaw in BeyondTrust Remote Support.
The post BeyondTrust Vulnerability Targeted by Hackers Within 24 Hours of PoC Release appeared first on SecurityWeek.
npm’s Update to Harden Their Supply Chain, and Points to Consider
In December 2025, in response to the Sha1-Hulud incident, npm completed a major authentication overhaul intended to reduce supply-chain attacks. While the overhaul is a solid step forward, the changes don’t make npm projects immune from supply-chain attacks. npm is still susceptible to malware attacks – here’s what you need to know for a safer Node community.
Let’s start with the original
Let’s start with the original
CISA Warns of Exploited SolarWinds, Notepad++, Microsoft Vulnerabilities
Disclosed at the end of January, the SolarWinds vulnerability was likely exploited as a zero-day since December 2025.
The post CISA Warns of Exploited SolarWinds, Notepad++, Microsoft Vulnerabilities appeared first on SecurityWeek.