The software update includes additional file checks and helps users remove the known rootkit deployed in a recent campaign.
The post SonicWall Updates SMA 100 Appliances to Remove Overstep Malware appeared first on SecurityWeek.
Category Added in a WPeMatico Campaign
Libraesva Email Security Gateway Vulnerability Exploited by Nation-State Hackers
Tracked as CVE-2025-59689, the command injection bug could be triggered via malicious emails containing crafted compressed attachments.
The post Libraesva Email Security Gateway Vulnerability Exploited by Nation-State Hackers appeared first on SecurityWeek.
Jaguar Land Rover Says Shutdown Will Continue Until at Least Oct 1 After Cyberattack
JLR extended the pause in production “to give clarity for the coming week as we build the timeline for the phased restart of our operations and continue our investigation.”
The post Jaguar Land Rover Says Shutdown Will Continue Until at Least Oct 1 After Cyberattack appeared first on SecurityWeek.
A Massive Telecom Threat Was Stopped Right As World Leaders Gathered at UN Headquarters in New York
More than 300 servers and 100,000 SIM cards designed to mimic cellphones and overwhelm networks.
The post A Massive Telecom Threat Was Stopped Right As World Leaders Gathered at UN Headquarters in New York appeared first on SecurityWeek.
Patch Bypassed for Supermicro Vulnerability Allowing BMC Hack
Binarly researchers have found a way to bypass a patch for a previously disclosed vulnerability.
The post Patch Bypassed for Supermicro Vulnerability Allowing BMC Hack appeared first on SecurityWeek.
SolarWinds Makes Third Attempt at Patching Exploited Vulnerability
CVE-2025-26399 is a patch bypass of CVE-2024-28988, which is a patch bypass of the exploited CVE-2024-28986.
The post SolarWinds Makes Third Attempt at Patching Exploited Vulnerability appeared first on SecurityWeek.
Unit 221B Raises $5 Million for Threat Intel Aiding Hacker Arrests
The company will expand its platform’s capabilities and accelerate investigative collaboration and go-to-market efforts.
The post Unit 221B Raises $5 Million for Threat Intel Aiding Hacker Arrests appeared first on SecurityWeek.
All Microsoft Entra Tenants Were Exposed to Silent Compromise via Invisible Actor Tokens: Researcher
The strength of responsible disclosure is that it can solve problems before they are actioned. The weakness is that it potentially generates a false sense of security in the vendor.
The post All Microsoft Entra Tenants Were Exposed to Silent Compromise via Invisible Actor Tokens: Researcher appeared first on SecurityWeek.
Top 25 MCP Vulnerabilities Reveal How AI Agents Can Be Exploited
A new ranking of Model Context Protocol weaknesses highlights critical risks—from prompt injection to command injection—and provides a roadmap for securing the foundations of agentic AI.
The post Top 25 MCP Vulnerabilities Reveal How AI Agents Can Be Exploited appeared first on SecurityWeek.
ShadowV2 DDoS Service Lets Customers Self-Manage Attacks
The botnet’s operators provide customers with access to an infected network of Docker containers so they can conduct DDoS attacks.
The post ShadowV2 DDoS Service Lets Customers Self-Manage Attacks appeared first on SecurityWeek.