Flights across Greece were impacted for several hours after noise was reported on multiple air traffic communication channels.
The post Cyberattack Unlikely in Communications Failure That Grounded Flights in Greece appeared first on SecurityWeek.
Brightspeed Investigating Cyberattack
The hacking group Crimson Collective has claimed the theft of personal information pertaining to over 1 million Brightspeed customers.
The post Brightspeed Investigating Cyberattack appeared first on SecurityWeek.
Sedgwick Confirms Cyberattack on Government Subsidiary
Hackers have compromised a file transfer system at Sedgwick’s subsidiary that serves government agencies.
The post Sedgwick Confirms Cyberattack on Government Subsidiary appeared first on SecurityWeek.
VSCode IDE forks expose users to “recommended extension” attacks
Popular AI-powered integrated development environment solutions, such as Cursor, Windsurf, Google Antigravity, and Trae, recommend extensions that are non-existent in the OpenVSX registry, allowing threat actors to claim the namespace and upload malicious extensions. […]
Kimwolf Android Botnet Infects Over 2 Million Devices via Exposed ADB and Proxy Networks
The botnet known as Kimwolf has infected more than 2 million Android devices by tunneling through residential proxy networks, according to findings from Synthient.
“Key actors involved in the Kimwolf botnet are observed monetizing the botnet through app installs, selling residential proxy bandwidth, and selling its DDoS functionality,” the company said in an analysis published last week.
Kimwolf
“Key actors involved in the Kimwolf botnet are observed monetizing the botnet through app installs, selling residential proxy bandwidth, and selling its DDoS functionality,” the company said in an analysis published last week.
Kimwolf
Ledger customers impacted by third-party Global-e data breach
Ledger is informing some customers that their personal data has been exposed after hackers breached the systems of third-party payment processor Global-e. […]
CISA KEV Catalog Expanded 20% in 2025, Topping 1,480 Entries
With 24 new vulnerabilities known to be exploited by ransomware groups, the list now includes 1,484 software and hardware flaws.
The post CISA KEV Catalog Expanded 20% in 2025, Topping 1,480 Entries appeared first on SecurityWeek.
Agentic AI Is an Identity Problem and CISOs Will Be Accountable for the Outcome
As agentic AI adoption accelerates, identity is emerging as the primary security challenge. Token Security explains why AI agents behave like a new class of identity and why CISOs must manage their access, lifecycle, and risk. […]
NordVPN denies breach claims, says attackers have “dummy data”
NordVPN denied allegations that its internal Salesforce development servers were breached, saying that cybercriminals obtained “dummy data” from a trial account on a third-party automated testing platform. […]
⚡ Weekly Recap: IoT Exploits, Wallet Breaches, Rogue Extensions, AI Abuse & More
The year opened without a reset. The same pressure carried over, and in some places it tightened. Systems people assume are boring or stable are showing up in the wrong places. Attacks moved quietly, reused familiar paths, and kept working longer than anyone wants to admit.
This week’s stories share one pattern. Nothing flashy. No single moment. Just steady abuse of trust — updates, extensions,
This week’s stories share one pattern. Nothing flashy. No single moment. Just steady abuse of trust — updates, extensions,