Attackers are now exploiting a critical Fortinet FortiSIEM vulnerability with publicly available proof-of-concept exploit code. […]
LOTUSLITE Backdoor Targets U.S. Policy Entities Using Venezuela-Themed Spear Phishing
Security experts have disclosed details of a new campaign that has targeted U.S. government and policy entities using politically themed lures to deliver a backdoor known as LOTUSLITE.
The targeted malware campaign leverages decoys related to the recent geopolitical developments between the U.S. and Venezuela to distribute a ZIP archive (“US now deciding what’s next for Venezuela.zip”)
The targeted malware campaign leverages decoys related to the recent geopolitical developments between the U.S. and Venezuela to distribute a ZIP archive (“US now deciding what’s next for Venezuela.zip”)
Cisco Patches Vulnerability Exploited by Chinese Hackers
UAT-9686 exploited the bug to deploy the AquaShell backdoor on Cisco appliances with certain ports open to the internet.
The post Cisco Patches Vulnerability Exploited by Chinese Hackers appeared first on SecurityWeek.
Cisco finally fixes AsyncOS zero-day exploited since November
​Cisco finally patched a maximum-severity AsyncOS zero-day exploited in attacks targeting Secure Email Gateway (SEG) appliances since November 2025. […]
Microsoft: Some Windows PCs fail to shut down after January update
Microsoft has confirmed a new issue that prevents Windows 11 23H2 devices with System Guard Secure Launch enabled from shutting down. […]
Former CISA Director Jen Easterly Appointed CEO of RSAC
Easterly will be leading the world-renowned cybersecurity conference and other RSAC programs.
The post Former CISA Director Jen Easterly Appointed CEO of RSAC appeared first on SecurityWeek.
China-Linked APT Exploits Sitecore Zero-Day in Attacks on American Critical Infrastructure
A threat actor likely aligned with China has been observed targeting critical infrastructure sectors in North America since at least last year.
Cisco Talos, which is tracking the activity under the name UAT-8837, assessed it to be a China-nexus advanced persistent threat (APT) actor with medium confidence based on tactical overlaps with other campaigns mounted by threat actors from the region.
Cisco Talos, which is tracking the activity under the name UAT-8837, assessed it to be a China-nexus advanced persistent threat (APT) actor with medium confidence based on tactical overlaps with other campaigns mounted by threat actors from the region.
Cisco Patches Zero-Day RCE Exploited by China-Linked APT in Secure Email Gateways
Cisco on Thursday released security updates for a maximum-severity security flaw impacting Cisco AsyncOS Software for Cisco Secure Email Gateway and Cisco Secure Email and Web Manager, nearly a month after the company disclosed that it had been exploited as a zero-day by a China-nexus advanced persistent threat (APT) actor codenamed UAT-9686.
The vulnerability, tracked as CVE-2025-20393 (CVSS
The vulnerability, tracked as CVE-2025-20393 (CVSS
Google now lets you change your @gmail.com address, rolling out
Google has confirmed that it’s now possible to change your @gmail.com address. This means that if your current email is xyz@gmail.com, you can now change it to abc@gmail.com. […]
ChatGPT is now more reliable at finding and remembering your past chat
OpenAI is rolling out a big upgrade for ChatGPT with support for advanced chat history search, but the feature is rolling out to Plus and Pro subscribers only. […]