Tracked as CVE-2025-9242 (CVSS score of 9.3), the flaw leads to unauthenticated, remote code execution on vulnerable firewalls.
The post Critical WatchGuard Firebox Vulnerability Exploited in Attacks appeared first on SecurityWeek.
Category Added in a WPeMatico Campaign
Synnovis Confirms Patient Information Stolen in Disruptive Ransomware Attack
The ransomware attack on the pathology services provider disrupted operations at several London hospitals.
The post Synnovis Confirms Patient Information Stolen in Disruptive Ransomware Attack appeared first on SecurityWeek.
Cisco ISE, CitrixBleed 2 Vulnerabilities Exploited as Zero-Days: Amazon
Amazon has seen a threat actor exploiting CVE-2025-20337 and CVE-2025-5777, two critical Cisco and Citrix vulnerabilities, as zero-days.
The post Cisco ISE, CitrixBleed 2 Vulnerabilities Exploited as Zero-Days: Amazon appeared first on SecurityWeek.
Firefox 145 and Chrome 142 Patch High-Severity Flaws in Latest Releases
Google and Mozilla have released fresh Chrome and Firefox updates that address multiple high-severity security defects.
The post Firefox 145 and Chrome 142 Patch High-Severity Flaws in Latest Releases appeared first on SecurityWeek.
China’s Cyber Silence is More Worrying Than Russia’s Noise, Chief Cybersecurity Strategist Says
NTT’s chief cybersecurity strategist Mihoko Matsubara on the new geopolitics of hacking, the “chicken and egg” problem of 5G, and the AGI threat to society.
The post China’s Cyber Silence is More Worrying Than Russia’s Noise, Chief Cybersecurity Strategist Says appeared first on SecurityWeek.
How TTP-based Defenses Outperform Traditional IoC Hunting
Behavioral detection allows defenders to recognize activity patterns like privilege escalation, credential theft, and lateral movement—often ahead of encryption or data exfiltration.
The post How TTP-based Defenses Outperform Traditional IoC Hunting appeared first on SecurityWeek.
Virtual Event Today: CISO Forum 2025 Virtual Summit
From the evolving role of AI to the realities of cloud risk and governance, the CISO Forum Virtual Summit brings together CISOs, researchers, and innovators to share practical insights and strategies.
The post Virtual Event Today: CISO Forum 2025 Virtual Summit appeared first on SecurityWeek.
Sweet Security Raises $75 Million for Cloud and AI Security
The cybersecurity startup will use the investment to accelerate global expansion and product innovation.
The post Sweet Security Raises $75 Million for Cloud and AI Security appeared first on SecurityWeek.
Google Sues Chinese Cybercriminals Behind ‘Lighthouse’ Phishing Kit
Google is targeting the threat group known as Smishing Triad, which used over 194,000 malicious domains in a campaign.
The post Google Sues Chinese Cybercriminals Behind ‘Lighthouse’ Phishing Kit appeared first on SecurityWeek.
High-Severity Vulnerabilities Patched by Ivanti and Zoom
Ivanti and Zoom resolved security defects that could lead to arbitrary file writes, elevation of privilege, code execution, and information disclosure.
The post High-Severity Vulnerabilities Patched by Ivanti and Zoom appeared first on SecurityWeek.