Category: SecurityWeek

Chinese APT UAT-7237 has been targeting Taiwanese web infrastructure for long-term access to high-value entities.

The post Web Hosting Firms in Taiwan Attacked by Chinese APT for Access to High-Value Targets appeared first on SecurityWeek.

CodeSecCon is the premier virtual event bringing together developers and cybersecurity professionals to revolutionize the way applications are built, secured, and maintained.

The post Watch Now: CodeSecCon – Where Software Security’s Next Chapter Unfolds (Virtual Event) appeared first on SecurityWeek.

Other noteworthy stories that might have slipped under the radar: Canada’s House of Commons hacked, Russia behind court system attack, Pennsylvania AG targeted in cyberattack.

The post In Other News: Critical Zoom Flaw, City’s Water Threatened by Hack, $330 Billion OT Cyber Risk appeared first on SecurityWeek.

With cybersecurity budgets strained, organizations are turning to AI-powered automation to plug staffing gaps, maintain defenses, and survive escalating threats.

The post Tight Cybersecurity Budgets Accelerate the Shift to AI-Driven Defense appeared first on SecurityWeek.

Android pKVM has achieved SESIP Level 5 certification, which means it’s resistant to highly skilled, motivated, and funded attackers.

The post Google Says Android pKVM Earns Highest Level of Security Assurance appeared first on SecurityWeek.

Rockwell Automation has published several advisories describing critical and high-severity vulnerabilities affecting its products.

The post Critical Flaws Patched in Rockwell FactoryTalk, Micro800, ControlLogix Products appeared first on SecurityWeek.

Cisco has released over 20 advisories as part of its August 2025 bundled publication for ASA, FMC and FTD products.

The post Cisco Patches Critical Vulnerability in Firewall Management Platform appeared first on SecurityWeek.

Path traversal and XXE injection flaws allowing unauthenticated remote code execution have been patched in Xerox FreeFlow Core. 

The post Vulnerabilities in Xerox Print Orchestration Product Allow Remote Code Execution appeared first on SecurityWeek.

CISA reported becoming aware of attacks exploiting CVE-2025-8875 and CVE-2025-8876 in N-able N-central on the day they were patched.

The post CISA Warns of Attacks Exploiting N-able Vulnerabilities appeared first on SecurityWeek.

The new DDoS attack vector, which involves HTTP/2 implementation flaws, has been compared to Rapid Reset.

The post ‘MadeYouReset’ HTTP2 Vulnerability Enables Massive DDoS Attacks appeared first on SecurityWeek.