Microsoft has released the KB5055627 preview cumulative update for Windows 11 24H2 with many new features gradually rolling out, and some new bug fixes for everyone. […]
Craft CMS RCE exploit chain used in zero-day attacks to steal data
Two vulnerabilities impacting Craft CMS were chained together in zero-day attacks to breach servers and steal data, with exploitation ongoing, according to CERT Orange Cyberdefense. […]
Marks & Spencer pauses online orders after cyberattack
British retailer giant Marks & Spencer (M&S) has suspended online orders while working to recover from a recently disclosed cyberattack. […]
Mobile provider MTN says cyberattack compromised customer data
African mobile giant MTN Group announced that a cybersecurity incident has compromised the personal information of some of its subscribers in certain countries. […]
Windows “inetpub” security fix can be abused to block future updates
A recent Windows security update that creates an ‘inetpub’ folder has introduced a new weakness allowing attackers to prevent the installation of future updates. […]
Baltimore City Public Schools data breach affects over 31,000 people
Baltimore City Public Schools notified tens of thousands of employees and students of a data breach following an incident in February when unknown attackers hacked into its network. […]
North Korean Hackers Spread Malware via Fake Crypto Firms and Job Interview Lures
North Korea-linked threat actors behind the Contagious Interview have set up front companies as a way to distribute malware during the fake hiring process.
“In this new campaign, the threat actor group is using three front companies in the cryptocurrency consulting industry—BlockNovas LLC (blocknovas[.] com), Angeloper Agency (angeloper[.]com), and SoftGlide LLC (softglide[.]co)—to spread
“In this new campaign, the threat actor group is using three front companies in the cryptocurrency consulting industry—BlockNovas LLC (blocknovas[.] com), Angeloper Agency (angeloper[.]com), and SoftGlide LLC (softglide[.]co)—to spread
Former Google Cloud CISO Phil Venables Joins Ballistic Ventures
Venables has served as CISO and security executive across several large organizations, including Google Cloud, Goldman Sachs, Deutsche Bank.
The post Former Google Cloud CISO Phil Venables Joins Ballistic Ventures appeared first on SecurityWeek.
Lattica Emerges From Stealth With FHE Platform for AI
Lattica has raised $3.25 million in pre-seed funding for a platform that uses FHE to enable AI models to process encrypted data.
The post Lattica Emerges From Stealth With FHE Platform for AI appeared first on SecurityWeek.
M-Trends 2025: State-Sponsored IT Workers Emerge as Global Threat
Mandiant’s latest threat report shows how attackers adapt faster than defenses, shifting strategies toward credential theft and insider threats.
The post M-Trends 2025: State-Sponsored IT Workers Emerge as Global Threat appeared first on SecurityWeek.