Category: SecurityWeek

Hackers are exploiting a zero-day vulnerability in CrushFTP to gain administrative privileges on vulnerable servers via HTTPS.

The post Exploited CrushFTP Zero-Day Provides Admin Access to Servers appeared first on SecurityWeek.

Enterprises running SharePoint servers should not wait for a fix for CVE-2025-53770 and should commence threat hunting to search for compromise immediately.

The post SharePoint Under Attack: Microsoft Warns of Zero-Day Exploited in the Wild – No Patch Available appeared first on SecurityWeek.

Noteworthy stories that might have slipped under the radar: powerful US law firm hacked by China, Symantec product flaw, $10,000 Meta AI hack, cryptocurrency thieves bypassing FIDO keys. 

The post In Other News: Law Firm Hacked by China, Symantec Flaw, Meta AI Hack, FIDO Key Bypass appeared first on SecurityWeek.

AI-native email security firm StrongestLayer has emerged from stealth mode with $5.2 million in seed funding.

The post Email Protection Startup StrongestLayer Emerges From Stealth Mode appeared first on SecurityWeek.

Dozens of FortiWeb instances have been hacked after PoC targeting a recent critical vulnerability was shared publicly.

The post Fortinet FortiWeb Flaw Exploited in the Wild After PoC Publication appeared first on SecurityWeek.

Radiology Associates of Richmond has disclosed a data breach impacting protected health and personal information. 

The post 1.4 Million Affected by Data Breach at Virginia Radiology Practice appeared first on SecurityWeek.

With generative AI enabling fraud-as-a-service at scale, legacy defenses are crumbling. The next wave of cybercrime is faster, smarter, and terrifyingly synthetic.

The post Fraud: A Growth Industry Powered by Gen-AI appeared first on SecurityWeek.

The CitrixBleed 2 vulnerability in NetScaler may expose organizations to compromise even if patches have been applied.

The post CitrixBleed 2: 100 Organizations Hacked, Thousands of Instances Still Vulnerable appeared first on SecurityWeek.

Google has filed a lawsuit against the Badbox 2.0 botnet operators, after identifying over 10 million infected Android devices.

The post Google Sues Operators of 10-Million-Device Badbox 2.0 Botnet appeared first on SecurityWeek.

Wiz researchers discovered NVIDIAScape, an Nvidia Container Toolkit flaw that can be exploited for full control of the host machine.

The post Critical Nvidia Toolkit Flaw Exposes AI Cloud Services to Hacking appeared first on SecurityWeek.