The exploitation of the recent XWiki vulnerability has expanded to botnets, cryptocurrency miners, scanners, and custom tools.
The post Widespread Exploitation of XWiki Vulnerability Observed appeared first on SecurityWeek.
Category Added in a WPeMatico Campaign
Fortinet Confirms Active Exploitation of Critical FortiWeb Vulnerability
Security firms say the flaw has been actively exploited for weeks, even as Fortinet quietly shipped fixes and CISA added the bug to its KEV catalog.
The post Fortinet Confirms Active Exploitation of Critical FortiWeb Vulnerability appeared first on SecurityWeek.
CYBERCOM 2.0: Pentagon Unveils Plan to Fix Cyber Talent Shortfalls
The goal is to produce a cyber force capable of defeating threats posed by major adversaries such as China.
The post CYBERCOM 2.0: Pentagon Unveils Plan to Fix Cyber Talent Shortfalls appeared first on SecurityWeek.
Watch on Demand: CISO Forum 2025 Virtual Summit
The CISO Forum Virtual Summit brought together CISOs, researchers, and innovators to share practical insights and strategies.
The post Watch on Demand: CISO Forum 2025 Virtual Summit appeared first on SecurityWeek.
In Other News: Deepwatch Layoffs, macOS Vulnerability, Amazon AI Bug Bounty
Other noteworthy stories that might have slipped under the radar: EchoGram attack undermines AI guardrails, Asahi brewer still crippled after ransomware attack, Sora 2 system prompt uncovered.
The post In Other News: Deepwatch Layoffs, macOS Vulnerability, Amazon AI Bug Bounty appeared first on SecurityWeek.
Checkout.com Discloses Data Breach After Extortion Attempt
The information was stolen from a legacy cloud file storage system, not from its payment processing platform.
The post Checkout.com Discloses Data Breach After Extortion Attempt appeared first on SecurityWeek.
Washington Post Says Nearly 10,000 Employees Impacted by Oracle Hack
The media company admitted that cybercriminals attempted to extort a payment after stealing personal information.
The post Washington Post Says Nearly 10,000 Employees Impacted by Oracle Hack appeared first on SecurityWeek.
Akira Ransomware Group Made $244 Million in Ransom Proceeds
Akira was seen exploiting SonicWall vulnerabilities and encrypting Nutanix Acropolis Hypervisor (AHV) VM disk files this year.
The post Akira Ransomware Group Made $244 Million in Ransom Proceeds appeared first on SecurityWeek.
Amazon Detects 150,000 NPM Packages in Worm-Powered Campaign
A financially motivated threat actor automated the package publishing process in a coordinated tea.xyz token farming campaign.
The post Amazon Detects 150,000 NPM Packages in Worm-Powered Campaign appeared first on SecurityWeek.
Imunify360 Vulnerability Could Expose Millions of Sites to Hacking
A vulnerability in ImunifyAV can be exploited for arbitrary code execution by uploading a malicious file to shared servers.
The post Imunify360 Vulnerability Could Expose Millions of Sites to Hacking appeared first on SecurityWeek.