In follow-up activity for Operation Endgame, law enforcement tracked down Smokeloader botnet’s customers and detained at least five individuals. […]
Qevlar AI Raises $10 Million for Autonomous Investigation Platform
French cybersecurity startup Qevlar AI has raised $10 million in a funding round led by EQT Ventures and Forgepoint Capital International.
The post Qevlar AI Raises $10 Million for Autonomous Investigation Platform appeared first on SecurityWeek.
Treasury’s OCC Says Hackers Had Access to 150,000 Emails
The Office of the Comptroller of the Currency (OCC) has disclosed an email security incident in which 100 accounts were compromised for over a year.
The post Treasury’s OCC Says Hackers Had Access to 150,000 Emails appeared first on SecurityWeek.
New TCESB Malware Found in Active Attacks Exploiting ESET Security Scanner
A Chinese-affiliated threat actor known for its cyber-attacks in Asia has been observed exploiting a security flaw in security software from ESET to deliver a previously undocumented malware codenamed TCESB.
“Previously unseen in ToddyCat attacks, [TCESB] is designed to stealthily execute payloads in circumvention of protection and monitoring tools installed on the device,” Kaspersky said in an
“Previously unseen in ToddyCat attacks, [TCESB] is designed to stealthily execute payloads in circumvention of protection and monitoring tools installed on the device,” Kaspersky said in an
CISA Urges Urgent Patching for Exploited CentreStack, Windows Zero-Days
CISA has added fresh CentreStack and Windows CLFS vulnerabilities to the Known Exploited Vulnerabilities catalog.
The post CISA Urges Urgent Patching for Exploited CentreStack, Windows Zero-Days appeared first on SecurityWeek.
Vulnerabilities Patched by Ivanti, VMware, Zoom
Ivanti, VMware, and Zoom released fixes for dozens of vulnerabilities in their products on April 2025 Patch Tuesday.
The post Vulnerabilities Patched by Ivanti, VMware, Zoom appeared first on SecurityWeek.
Explosive Growth of Non-Human Identities Creating Massive Security Blind Spots
GitGuardian’s State of Secrets Sprawl report for 2025 reveals the alarming scale of secrets exposure in modern software environments. Driving this is the rapid growth of non-human identities (NHIs), which have been outnumbering human users for years. We need to get ahead of it and prepare security measures and governance for these machine identities as they continue to be deployed, creating an
Fortinet Patches Critical FortiSwitch Vulnerability
Fortinet fixes a critical-severity bug in FortiSwitch that could allow an attacker to modify administrative passwords.
The post Fortinet Patches Critical FortiSwitch Vulnerability appeared first on SecurityWeek.
Oracle Faces Mounting Criticism as It Notifies Customers of Hack
Oracle is sending out written notifications to customers over the recent hack after it initially appeared to completely deny a data breach.
The post Oracle Faces Mounting Criticism as It Notifies Customers of Hack appeared first on SecurityWeek.
ICS Patch Tuesday: Vulnerabilities Addressed by Rockwell, ABB, Siemens, Schneider
Industrial giants Siemens, Rockwell, Schneider and ABB have released their March 2025 Patch Tuesday ICS security advisories.
The post ICS Patch Tuesday: Vulnerabilities Addressed by Rockwell, ABB, Siemens, Schneider appeared first on SecurityWeek.