Vulnerable SolarWinds Web Help Desk instances were exploited in December 2025 for initial access.
The post Recent SolarWinds Flaws Potentially Exploited as Zero-Days appeared first on SecurityWeek.
Category Added in a WPeMatico Campaign
SmarterTools Hit by Ransomware via Vulnerability in Its Own Product
SmarterTools says customers were impacted after hackers compromised a data center used for quality control testing.
The post SmarterTools Hit by Ransomware via Vulnerability in Its Own Product appeared first on SecurityWeek.
New Paper and Tool Help Security Teams Move Beyond Blind Reliance on CISA’s KEV Catalog
The KEV list is useful but largely misunderstood. KEVology explains what it is, and how best to use it.
The post New Paper and Tool Help Security Teams Move Beyond Blind Reliance on CISA’s KEV Catalog appeared first on SecurityWeek.
European Commission Investigating Cyberattack
The signs of a cyberattack were identified on systems EU’s main executive body uses for mobile device management.
The post European Commission Investigating Cyberattack appeared first on SecurityWeek.
Organizations Urged to Replace Discontinued Edge Devices
Edge devices that are no longer supported have been targeted in attacks by state-sponsored hackers, the US says.
The post Organizations Urged to Replace Discontinued Edge Devices appeared first on SecurityWeek.
Flickr Security Incident Tied to Third-Party Email System
Potential breach at Flickr exposes usernames, email addresses, IP addresses, and activity data.
The post Flickr Security Incident Tied to Third-Party Email System appeared first on SecurityWeek.
Living off the AI: The Next Evolution of Attacker Tradecraft
Living off the AI isn’t a hypothetical but a natural continuation of the tradecraft we’ve all been defending against, now mapped onto assistants, agents, and MCP.
The post Living off the AI: The Next Evolution of Attacker Tradecraft appeared first on SecurityWeek.
In Other News: Record DDoS, Epstein’s Hacker, ESET Product Vulnerabilities
Other noteworthy stories that might have slipped under the radar: AT&T and Verizon response to Salt Typhoon, AI agents solve security challenges, man arrested in Poland for DDos Attacks.
The post In Other News: Record DDoS, Epstein’s Hacker, ESET Product Vulnerabilities appeared first on SecurityWeek.
Airrived Emerges From Stealth With $6.1 Million in Funding
The startup aims to unify SOC, GRC, IAM, vulnerability management, IT, and business operations through its Agentic OS platform.
The post Airrived Emerges From Stealth With $6.1 Million in Funding appeared first on SecurityWeek.
‘DKnife’ Implant Used by Chinese Threat Actor for Adversary-in-the-Middle Attacks
Used since at least 2019, DKnife has been targeting the desktop, mobile, and IoT devices of Chinese users.
The post ‘DKnife’ Implant Used by Chinese Threat Actor for Adversary-in-the-Middle Attacks appeared first on SecurityWeek.