Microsoft has resolved a bug causing incorrect Windows 10 end-of-support warnings on systems with active security coverage or still under active support after installing the October 2025 updates. […]
Virtual Event Today: CISO Forum 2025 Virtual Summit
From the evolving role of AI to the realities of cloud risk and governance, the CISO Forum Virtual Summit brings together CISOs, researchers, and innovators to share practical insights and strategies.
The post Virtual Event Today: CISO Forum 2025 Virtual Summit appeared first on SecurityWeek.
New UK laws to strengthen critical infrastructure cyber defenses
The United Kingdom has introduced new legislation to boost cybersecurity defenses for hospitals, energy systems, water supplies, and transport networks against cyberattacks, linked to annual damages of nearly £15 billion ($19.6 billion). […]
Amazon Uncovers Attacks Exploited Cisco ISE and Citrix NetScaler as Zero-Day Flaws
Amazon’s threat intelligence team on Wednesday disclosed that it observed an advanced threat actor exploiting two then-zero-day security flaws in Cisco Identity Service Engine (ISE) and Citrix NetScaler ADC products as part of attacks designed to deliver custom malware.
“This discovery highlights the trend of threat actors focusing on critical identity and network access control infrastructure –
“This discovery highlights the trend of threat actors focusing on critical identity and network access control infrastructure –
Hackers exploited Citrix, Cisco ISE flaws in zero-day attacks
An advanced threat actor exploited the critical vulnerabilities “Citrix Bleed 2” (CVE-2025-5777) in NetScaler ADC and Gateway, and CVE-2025-20337 affecting Cisco Identity Service Engine (ISE) as zero-days to deploy custom malware. […]
Sweet Security Raises $75 Million for Cloud and AI Security
The cybersecurity startup will use the investment to accelerate global expansion and product innovation.
The post Sweet Security Raises $75 Million for Cloud and AI Security appeared first on SecurityWeek.
Google Sues Chinese Cybercriminals Behind ‘Lighthouse’ Phishing Kit
Google is targeting the threat group known as Smishing Triad, which used over 194,000 malicious domains in a campaign.
The post Google Sues Chinese Cybercriminals Behind ‘Lighthouse’ Phishing Kit appeared first on SecurityWeek.
Synnovis notifies of data breach after 2024 ransomware attack
Synnovis, a leading UK pathology services provider, is notifying healthcare providers that a data breach occurred following a ransomware attack in June 2024, which resulted in the theft of some patients’ data. […]
High-Severity Vulnerabilities Patched by Ivanti and Zoom
Ivanti and Zoom resolved security defects that could lead to arbitrary file writes, elevation of privilege, code execution, and information disclosure.
The post High-Severity Vulnerabilities Patched by Ivanti and Zoom appeared first on SecurityWeek.