The cybersecurity startup will expand its engineering team, add more AI capabilities, and invest in go-to-market efforts.
The post Oneleet Raises $33 Million for Security Compliance Platform appeared first on SecurityWeek.
Oracle links Clop extortion attacks to July 2025 vulnerabilities
Oracle has linked an ongoing extortion campaign claimed by the Clop ransomware gang to E-Business Suite (EBS) vulnerabilities that were patched in July 2025. […]
Researchers Warn of Self-Spreading WhatsApp Malware Named SORVEPOTEL
Brazilian users have emerged as the target of a new self-propagating malware that spreads via the popular messaging app WhatsApp.
The campaign, codenamed SORVEPOTEL by Trend Micro, weaponizes the trust with the platform to extend its reach across Windows systems, adding the attack is “engineered for speed and propagation” rather than data theft or ransomware.
“SORVEPOTEL has been observed to
The campaign, codenamed SORVEPOTEL by Trend Micro, weaponizes the trust with the platform to extend its reach across Windows systems, adding the attack is “engineered for speed and propagation” rather than data theft or ransomware.
“SORVEPOTEL has been observed to
Unauthenticated RCE Flaw Patched in DrayTek Routers
The security defect can be exploited remotely via crafted HTTP/S requests to a vulnerable device’s web user interface.
The post Unauthenticated RCE Flaw Patched in DrayTek Routers appeared first on SecurityWeek.
Product Walkthrough: How Passwork 7 Addresses Complexity of Enterprise Security
Passwork is positioned as an on-premises unified platform for both password and secrets management, aiming to address the increasing complexity of credential storage and sharing in modern organizations. The platform recently received a major update that reworks all the core mechanics.
Passwork 7 introduces significant changes to how credentials are organized, accessed, and managed, reflecting
Passwork 7 introduces significant changes to how credentials are organized, accessed, and managed, reflecting
Gmail business users can now send encrypted emails to anyone
Google says that Gmail enterprise users can now send end-to-end encrypted emails to people who use any email service or platform. […]
Organizations Warned of Exploited Meteobridge Vulnerability
Patched in mid-May, the security defect allows remote unauthenticated attackers to execute arbitrary commands with root privileges.
The post Organizations Warned of Exploited Meteobridge Vulnerability appeared first on SecurityWeek.
MokN Raises $3 Million for Phish-Back Solution
The French cybersecurity startup tricks attackers into revealing stolen credentials so they can be neutralized.
The post MokN Raises $3 Million for Phish-Back Solution appeared first on SecurityWeek.
New “Cavalry Werewolf” Attack Hits Russian Agencies with FoalShell and StallionRAT
A threat actor that’s known to share overlaps with a hacking group called YoroTrooper has been observed targeting the Russian public sector with malware families such as FoalShell and StallionRAT.
Cybersecurity vendor BI.ZONE is tracking the activity under the moniker Cavalry Werewolf. It’s also assessed to have commonalities with clusters tracked as SturgeonPhisher, Silent Lynx, Comrade Saiga,
Cybersecurity vendor BI.ZONE is tracking the activity under the moniker Cavalry Werewolf. It’s also assessed to have commonalities with clusters tracked as SturgeonPhisher, Silent Lynx, Comrade Saiga,
Oracle Says Known Vulnerabilities Possibly Exploited in Recent Extortion Attacks
The software giant’s investigation showed that vulnerabilities patched in July 2025 may be involved.
The post Oracle Says Known Vulnerabilities Possibly Exploited in Recent Extortion Attacks appeared first on SecurityWeek.