April 2025 – Page 16

Three Reasons Why the Browser is Best for Stopping Phishing Attacks

Phishing attacks remain a huge challenge for organizations in 2025. In fact, with attackers increasingly leveraging identity-based techniques over software exploits, phishing arguably poses a bigger threat than ever before.
Attackers are increasingly leveraging identity-based techniques over software exploits, with phishing and stolen credentials (a byproduct of phishing) now the primary

Russian Hackers Exploit Microsoft OAuth to Target Ukraine Allies via Signal and WhatsApp

Multiple suspected Russia-linked threat actors are “aggressively” targeting individuals and organizations with ties to Ukraine and human rights with an aim to gain unauthorized access to Microsoft 365 accounts since early March 2025.
The highly targeted social engineering operations, per Volexity, are a shift from previously documented attacks that leveraged a technique known as device code

Kelly Benefits Data Breach Impacts 260,000 People

Benefits and payroll solutions provider Kelly Benefits has disclosed a data breach impacting more than 260,000 individuals.

The post Kelly Benefits Data Breach Impacts 260,000 People appeared first on SecurityWeek.

Cyberattack Hits British Retailer Marks & Spencer

British retailer Marks & Spencer has been experiencing certain service disruptions after falling victim to a cyberattack.

The post Cyberattack Hits British Retailer Marks & Spencer appeared first on SecurityWeek.

Data Breach at Onsite Mammography Impacts 350,000

Massachusetts medical firm Onsite Mammography discloses data breach impacting the personal information of 350,000 patients.

The post Data Breach at Onsite Mammography Impacts 350,000 appeared first on SecurityWeek.

Terra Security Raises $8M for Agentic AI Penetration Testing Platform

Cybersecurity startup Terra Security has raised $8 million in seed funding from SYN Ventures, FXP Ventures, and Underscore VC.

The post Terra Security Raises $8M for Agentic AI Penetration Testing Platform appeared first on SecurityWeek.

Microsoft fixes Remote Desktop freezes caused by Windows updates

Microsoft has resolved a known issue causing Remote Desktop sessions to freeze on Windows Server 2025 and Windows 11 24H2 devices. […]

Microsoft fixes Windows Server 2025 blue screen, install issues

Microsoft has fixed several known issues that caused Blue Screen of Death (BSOD) and installation issues on Windows Server 2025 systems with a high core count. […]

Korean Telco Giant SK Telecom Hacked

SK Telecom, South Korea’s largest telecom company, disclosed a data leak involving a malware infection.

The post Korean Telco Giant SK Telecom Hacked appeared first on SecurityWeek.

Ripple’s xrpl.js npm Package Backdoored to Steal Private Keys in Major Supply Chain Attack

The Ripple cryptocurrency npm JavaScript library named xrpl.js has been compromised by unknown threat actors as part of a software supply chain attack designed to harvest and exfiltrate users’ private keys.
The malicious activity has been found to affect five different versions of the package: 4.2.1, 4.2.2, 4.2.3, 4.2.4, and 2.14.2. The issue has been addressed in versions 4.2.5 and 2.14.3.

Month: April 2025