A threat actor known as EncryptHub has been linked to Windows zero-day attacks exploiting a Microsoft Management Console vulnerability patched this month. […]
Browser-in-the-Browser attacks target CS2 players’ Steam accounts
A new phishing campaign targets Counter-Strike 2 players utilizing Browser-in-the-Browser (BitB) attacks that display a realistic window that mimics Steam’s login page. […]
Vulnerability Exploitation Possibly Behind Widespread DrayTek Router Reboots
DrayTek routers around the world are rebooting and the vendor’s statement suggests that it may involve the exploitation of a vulnerability.
The post Vulnerability Exploitation Possibly Behind Widespread DrayTek Router Reboots appeared first on SecurityWeek.
VMware Patches Authentication Bypass Flaw in Windows Tools Suite
The authentication bypass vulnerability, tagged as CVE-2025-22230, carries a CVSS severity score of 7.8/10.
The post VMware Patches Authentication Bypass Flaw in Windows Tools Suite appeared first on SecurityWeek.
Microsoft Adds AI Agents to Security Copilot
Microsoft has expanded the capabilities of Security Copilot with AI agents tackling data security, phishing, and identity management.
The post Microsoft Adds AI Agents to Security Copilot appeared first on SecurityWeek.
New Android malware uses Microsoft’s .NET MAUI to evade detection
New Android malware campaigns use Microsoft’s cross-platform framework .NET MAUI while disguising as legitimate services to evade detection. […]
Researchers Uncover ~200 Unique C2 Domains Linked to Raspberry Robin Access Broker
A new investigation has unearthed nearly 200 unique command-and-control (C2) domains associated with a malware called Raspberry Robin.
“Raspberry Robin (also known as Roshtyak or Storm-0856) is a complex and evolving threat actor that provides initial access broker (IAB) services to numerous criminal groups, many of which have connections to Russia,” Silent Push said in a report shared with The
“Raspberry Robin (also known as Roshtyak or Storm-0856) is a complex and evolving threat actor that provides initial access broker (IAB) services to numerous criminal groups, many of which have connections to Russia,” Silent Push said in a report shared with The
Charm Security Emerges From Stealth With $8 Million in Funding
Charm Security has emerged from stealth mode with $8 million in funding for AI-powered scams and social engineering prevention.
The post Charm Security Emerges From Stealth With $8 Million in Funding appeared first on SecurityWeek.
Numotion Data Breach Impacts Nearly 500,000 People
Email-related data breach suffered by wheelchair and other mobility equipment provider Numotion affects almost 500,000 individuals.
The post Numotion Data Breach Impacts Nearly 500,000 People appeared first on SecurityWeek.
Webinar Today: Which Security Testing Approach is Right for You?
Which Security Testing Approach is Right for You: BAS, Automated Penetration Testing, or Both?
The post Webinar Today: Which Security Testing Approach is Right for You? appeared first on SecurityWeek.