Eight days before patches, a threat actor exploited CVE-2025-10035 as a zero-day to create a backdoor admin account.
The post Recent Fortra GoAnywhere MFT Vulnerability Exploited as Zero-Day appeared first on SecurityWeek.
Category Added in a WPeMatico Campaign
Cisco Firewall Zero-Days Exploited in China-Linked ArcaneDoor Attacks
Leading to remote code execution and privilege escalation, the flaws were exploited on Cisco ASA 5500-X series devices that lack secure boot.
The post Cisco Firewall Zero-Days Exploited in China-Linked ArcaneDoor Attacks appeared first on SecurityWeek.
Salesforce AI Hack Enabled CRM Data Theft
Prompt injection has been leveraged alongside an expired domain to steal Salesforce data in an attack named ForcedLeak.
The post Salesforce AI Hack Enabled CRM Data Theft appeared first on SecurityWeek.
PyPI Warns Users of Fresh Phishing Campaign
Threat actors impersonating PyPI ask users to verify their email for security purposes, directing them to fake websites.
The post PyPI Warns Users of Fresh Phishing Campaign appeared first on SecurityWeek.
Chinese Cyberspies Hacked US Defense Contractors
RedNovember has been targeting government, defense and aerospace, and legal services organizations worldwide.
The post Chinese Cyberspies Hacked US Defense Contractors appeared first on SecurityWeek.
RTX Confirms Airport Services Hit by Ransomware
The aerospace and defense giant has disclosed the cyberattack in a filing with the SEC.
The post RTX Confirms Airport Services Hit by Ransomware appeared first on SecurityWeek.
Perspective: Why Politics in the Workplace is a Cybersecurity Risk
Bringing politics into professional spaces undermines decision-making, collaboration, and ultimately weakens security teams.
The post Perspective: Why Politics in the Workplace is a Cybersecurity Risk appeared first on SecurityWeek.
Chinese Spies Lurked in Networks for 393 Days, Hunted for Zero-Day Intel
Google’s Threat Intelligence Group and Mandiant have shared findings on a recent BrickStorm campaign linked to UNC5221.
The post Chinese Spies Lurked in Networks for 393 Days, Hunted for Zero-Day Intel appeared first on SecurityWeek.
CSA Unveils SaaS Security Controls Framework to Ease Complexity
New framework from the Cloud Security Alliance helps SaaS customers navigate the shared responsibility model with confidence.
The post CSA Unveils SaaS Security Controls Framework to Ease Complexity appeared first on SecurityWeek.
Volvo Group Employee Data Stolen in Ransomware Attack
The Miljödata data breach has impacted numerous organizations, education institutions, and Swedish municipalities.
The post Volvo Group Employee Data Stolen in Ransomware Attack appeared first on SecurityWeek.