Already added to CISA’s KEV catalog, the flaw allows attackers to bypass authentication and gain administrative privileges.
The post Cisco Patches Catalyst SD-WAN Zero-Day Exploited by Highly Sophisticated Hackers appeared first on SecurityWeek.
Category Added in a WPeMatico Campaign
The Blast Radius Problem: Stolen Credentials are Weaponizing Agentic AI
More than half (56%) of the 400,000 vulnerabilities IBM X-Force tracked in 2025 required no authentication before exploitation.
The post The Blast Radius Problem: Stolen Credentials are Weaponizing Agentic AI appeared first on SecurityWeek.
Google Disrupts Chinese Cyberespionage Campaign Targeting Telecoms, Governments
The UNC2814 threat actor has been active since at least 2017, targeting organizations across 42 countries.
The post Google Disrupts Chinese Cyberespionage Campaign Targeting Telecoms, Governments appeared first on SecurityWeek.
SolarWinds Patches Four Critical Serv-U Vulnerabilities
The four security defects could be exploited for remote code execution but require administrative privileges.
The post SolarWinds Patches Four Critical Serv-U Vulnerabilities appeared first on SecurityWeek.
Medical Device Maker UFP Technologies Hit by Cyberattack
UFP Technologies appears to have been targeted in a ransomware attack that involved data theft and file-encrypting malware.
The post Medical Device Maker UFP Technologies Hit by Cyberattack appeared first on SecurityWeek.
Ex-US Defense Contractor Executive Jailed for Selling Exploits to Russia
Peter Williams was sentenced to 87 months in prison for selling cyber exploits to a Russian broker.
The post Ex-US Defense Contractor Executive Jailed for Selling Exploits to Russia appeared first on SecurityWeek.
Over 12 Million Users Impacted by CarGurus Data Breach
Hackers claim to have stolen personally identifiable information and internal corporate data from the automotive firm.
The post Over 12 Million Users Impacted by CarGurus Data Breach appeared first on SecurityWeek.
SecurityWeek Report: 426 Cybersecurity M&A Deals Announced in 2025
SecurityWeek’s M&A data indicates that today’s market is more disciplined, and it seems to favor GRC, data protection, and identity.
The post SecurityWeek Report: 426 Cybersecurity M&A Deals Announced in 2025 appeared first on SecurityWeek.
Wynn Resorts Confirms Data Breach After Hackers Remove It From Leak Site
The high-end casino and hotel operator has admitted that employee data was stolen by ShinyHunters.
The post Wynn Resorts Confirms Data Breach After Hackers Remove It From Leak Site appeared first on SecurityWeek.
Astelia Raises $35 Million for Exposure Management
The company will expand its AI-based analysis capabilities, grow its employee base, and scale deployments.
The post Astelia Raises $35 Million for Exposure Management appeared first on SecurityWeek.