Researchers have analyzed the ability of the Chinese gen-AI DeepSeek to create malware such as ransomware and keyloggers.
The post DeepSeek’s Malware-Generation Capabilities Put to Test appeared first on SecurityWeek.
North Korean Hackers Distributed Android Spyware via Google Play
The North Korea-linked APT37 has been observed targeting Android users with spyware distributed via Google Play.
The post North Korean Hackers Distributed Android Spyware via Google Play appeared first on SecurityWeek.
Medusa Ransomware Made 300 Critical Infrastructure Victims
CISA, FBI, and MS-ISAC warn of Medusa ransomware attacks targeting critical infrastructure organizations.
The post Medusa Ransomware Made 300 Critical Infrastructure Victims appeared first on SecurityWeek.
GitHub Uncovers New ruby-saml Vulnerabilities Allowing Account Takeover Attacks
Two high-severity security flaws have been disclosed in the open-source ruby-saml library that could allow malicious actors to bypass Security Assertion Markup Language (SAML) authentication protections.
SAML is an XML-based markup language and open-standard used for exchanging authentication and authorization data between parties, enabling features like single sign-on (SSO), which allows
SAML is an XML-based markup language and open-standard used for exchanging authentication and authorization data between parties, enabling features like single sign-on (SSO), which allows
Security Maturity Models: Leveraging Executive Risk Appetite for Your Secure Development Evolution
Organizations can align their processes with one of two global industry standards for self-assessment and security maturity—BSIMM and OWASP SAMM.
The post Security Maturity Models: Leveraging Executive Risk Appetite for Your Secure Development Evolution appeared first on SecurityWeek.
Webinar on Demand: Protecting Executives and Enterprises from Digital, Narrative and Physical Attacks
How hyper agenda-driven threat actors, cybercriminals, and nation-states integrate digital, narrative, and physical attacks to target organizations through their executives.
The post Webinar on Demand: Protecting Executives and Enterprises from Digital, Narrative and Physical Attacks appeared first on SecurityWeek.
QuamCore Emerges From Stealth With $9 Million to Build a Quantum Computer
QuamCore’s secret sauce is a patented architecture that will allow the integration of 1 million qubits in a single cryostat.
The post QuamCore Emerges From Stealth With $9 Million to Build a Quantum Computer appeared first on SecurityWeek.
Future-Proofing Business Continuity: BCDR Trends and Challenges for 2025
As IT environments grow more complex, IT professionals are facing unprecedented pressure to secure business-critical data. With hybrid work the new standard and cloud adoption on the rise, data is increasingly distributed across different environments, providers and locations, expanding the attack surface for emerging cyberthreats. While the need for a strong data protection strategy has become
Meta Warns of FreeType Vulnerability (CVE-2025-27363) With Active Exploitation Risk
Meta has warned that a security vulnerability impacting the FreeType open-source font rendering library may have been exploited in the wild.
The vulnerability has been assigned the CVE identifier CVE-2025-27363, and carries a CVSS score of 8.1, indicating high severity. Described as an out-of-bounds write flaw, it could be exploited to achieve remote code execution when parsing certain font
The vulnerability has been assigned the CVE identifier CVE-2025-27363, and carries a CVSS score of 8.1, indicating high severity. Described as an out-of-bounds write flaw, it could be exploited to achieve remote code execution when parsing certain font
WARNING: Expiring Root Certificate May Disable Firefox Add-Ons, Security Features, and DRM Playback
Browser maker Mozilla is urging users to update their Firefox instances to the latest version to avoid facing issues with using add-ons due to the impending expiration of a root certificate.
“On March 14, 2025, a root certificate used to verify signed content and add-ons for various Mozilla projects, including Firefox, will expire,” Mozilla said.
“On March 14, 2025, a root certificate used to verify signed content and add-ons for various Mozilla projects, including Firefox, will expire,” Mozilla said.
“Without updating to Firefox