The video game software development company says the incident impacted users of its SpeedTree website.
The post Malicious Code on Unity Website Skims Information From Hundreds of Customers appeared first on SecurityWeek.
Meet Varonis Interceptor: AI-Native Email Security
AI-generated phishing and social engineering attacks outpace traditional email defenses. Varonis’ new Interceptor platform uses multimodal AI — vision, language, and behavior models — to detect zero-hour attacks and stop them before they reach users. […]
Microsoft: Windows 11 Media Creation Tool broken on Windows 10 PCs
Microsoft says the latest version of the Windows 11 Media Creation Tool (MCT) no longer works correctly on Windows 10 22H2 computers. […]
⚡ Weekly Recap: WhatsApp Worm, Critical CVEs, Oracle 0-Day, Ransomware Cartel & More
Every week, the cyber world reminds us that silence doesn’t mean safety. Attacks often begin quietly — one unpatched flaw, one overlooked credential, one backup left unencrypted. By the time alarms sound, the damage is done.
This week’s edition looks at how attackers are changing the game — linking different flaws, working together across borders, and even turning trusted tools into weapons.
This week’s edition looks at how attackers are changing the game — linking different flaws, working together across borders, and even turning trusted tools into weapons.
SonicWall SSL VPN Accounts in Attacker Crosshairs
Threat actors have rapidly compromised more than 100 SonicWall SSL VPN accounts pertaining to over a dozen entities.
The post SonicWall SSL VPN Accounts in Attacker Crosshairs appeared first on SecurityWeek.
SimonMed Imaging Data Breach Impacts 1.2 Million
SimonMed Imaging was targeted by the Medusa ransomware group, which claimed to have stolen 200 Gb of data.
The post SimonMed Imaging Data Breach Impacts 1.2 Million appeared first on SecurityWeek.
Why Unmonitored JavaScript Is Your Biggest Holiday Security Risk
Think your WAF has you covered? Think again. This holiday season, unmonitored JavaScript is a critical oversight allowing attackers to steal payment data while your WAF and intrusion detection systems see nothing. With the 2025 shopping season weeks away, visibility gaps must close now.
Get the complete Holiday Season Security Playbook here.
Bottom Line Up Front
The 2024 holiday season saw major
Get the complete Holiday Season Security Playbook here.
Bottom Line Up Front
The 2024 holiday season saw major
NPM Infrastructure Abused in Phishing Campaign Aimed at Industrial and Electronics Firms
Threat actors used automation to create over 175 malicious NPM packages targeting more than 135 organizations.
The post NPM Infrastructure Abused in Phishing Campaign Aimed at Industrial and Electronics Firms appeared first on SecurityWeek.
Harvard investigating breach linked to Oracle zero-day exploit
Harvard University is investigating a data breach after the Clop ransomware gang listed the school on its data leak site, saying the alleged breach was likely caused by a recently disclosed zero-day vulnerability in Oracle’s E-Business Suite servers. […]
Oracle Patches EBS Vulnerability Allowing Access to Sensitive Data
It’s unclear if the new Oracle E-Business Suite flaw, which can be exploited remotely without authentication, has been used in the wild.
The post Oracle Patches EBS Vulnerability Allowing Access to Sensitive Data appeared first on SecurityWeek.