Microsoft has released Windows 11 KB5063878 and KB5063875 cumulative updates for versions 24H2 and 23H2 to fix security vulnerabilities and issues. […]
Windows 10 KB5063709 update fixes extended security updates enrollment
Microsoft has released the KB5063709 cumulative update for Windows 10 22H2 and Windows 10 21H2, with seven fixes or changes, including a fix for a bug that prevented enrollment in extended security updates. […]
Fortinet SSL VPNs Hit by Global Brute-Force Wave Before Attackers Shift to FortiManager
Cybersecurity researchers are warning of a “significant spike” in brute-force traffic aimed at Fortinet SSL VPN devices.
The coordinated activity, per threat intelligence firm GreyNoise, was observed on August 3, 2025, with over 780 unique IP addresses participating in the effort.
As many as 56 unique IP addresses have been detected over the past 24 hours. All the IP addresses have been
The coordinated activity, per threat intelligence firm GreyNoise, was observed on August 3, 2025, with over 780 unique IP addresses participating in the effort.
As many as 56 unique IP addresses have been detected over the past 24 hours. All the IP addresses have been
Cybercrime Groups ShinyHunters, Scattered Spider Join Forces in Extortion Attacks on Businesses
An ongoing data extortion campaign targeting Salesforce customers may soon turn its attention to financial services and technology service providers, as ShinyHunters and Scattered Spider appear to be working hand in hand, new findings show.
“This latest wave of ShinyHunters-attributed attacks reveals a dramatic shift in tactics, moving beyond the group’s previous credential theft and database
“This latest wave of ShinyHunters-attributed attacks reveals a dramatic shift in tactics, moving beyond the group’s previous credential theft and database
US govt seizes $1 million in crypto from BlackSuit ransomware gang
The U.S. Department of Justice (DoJ) seized cryptocurrency and digital assets worth $1,091,453 at the time of confiscation, on January 9, 2024, from the BlackSuit ransomware gang. […]
Android’s pKVM hypervisor earns SESIP Level 5 security certification
Google announced that its protected Kernel-based Virtual Machine (pKVM) for Android has achieved SESIP Level 5 certification, the highest security assurance level for IoT and mobile platforms. […]
Inside the Dark Web’s Access Economy: How Hackers Sell the Keys to Enterprise Networks
Rapid7’s analysis of dark web forums reveals a thriving market where elite hackers sell corporate network access to buyers, turning cybercrime into a streamlined business.
The post Inside the Dark Web’s Access Economy: How Hackers Sell the Keys to Enterprise Networks appeared first on SecurityWeek.
Curly COMrades cyberspies hit govt orgs with custom malware
A new cyber-espionage threat group has been using a new backdoor malware that provides persistent access through a seemingly inactive scheduled task. […]
Over 3,000 NetScaler devices left unpatched against CitrixBleed 2 bug
Over 3,300 Citrix NetScaler devices remain unpatched against a critical vulnerability that allows attackers to bypass authentication by hijacking user sessions, nearly two months after patches were released. […]
275M patient records breached—How to meet HIPAA password manager requirements
Healthcare led all industries in 2024 breaches—over 275M patient records exposed, mostly via weak or stolen passwords. See how the self-hosted password manager by Passwork helps providers meet HIPAA requirements, protect ePHI, and keep healthcare running. Try it free for 1 month. […]