French authorities arrested two crew members of an Italian passenger ferry suspected of infecting the ship with malware that could have enabled them to remotely control the vessel. […]
CISA Warns of Exploited Flaw in Asus Update Tool
Tracked as CVE-2025-59374, the issue is a software backdoor implanted in Asus Live Update in a supply chain attack.
The post CISA Warns of Exploited Flaw in Asus Update Tool appeared first on SecurityWeek.
ThreatsDay Bulletin: WhatsApp Hijacks, MCP Leaks, AI Recon, React2Shell Exploit and 15 More Stories
This week’s ThreatsDay Bulletin tracks how attackers keep reshaping old tools and finding new angles in familiar systems. Small changes in tactics are stacking up fast, and each one hints at where the next big breach could come from.
From shifting infrastructures to clever social hooks, the week’s activity shows just how fluid the threat landscape has become.
Here’s the full rundown of what
From shifting infrastructures to clever social hooks, the week’s activity shows just how fluid the threat landscape has become.
Here’s the full rundown of what
North Korea-Linked Hackers Steal $2.02 Billion in 2025, Leading Global Crypto Theft
Threat actors with ties to the Democratic People’s Republic of Korea (DPRK or North Korea) have been instrumental in driving a surge in global cryptocurrency theft in 2025, accounting for at least $2.02 billion out of more than $3.4 billion stolen from January through early December.
The figure represents a 51% increase year-over-year and $681 million more than 2024, when the threat actors stole
The figure represents a 51% increase year-over-year and $681 million more than 2024, when the threat actors stole
HPE warns of maximum severity RCE flaw in OneView software
Hewlett Packard Enterprise (HPE) has patched a maximum-severity vulnerability in its HPE OneView software that enables attackers to execute arbitrary code remotely. […]
The Case for Dynamic AI-SaaS Security as Copilots Scale
Within the past year, artificial intelligence copilots and agents have quietly permeated the SaaS applications businesses use every day. Tools like Zoom, Slack, Microsoft 365, Salesforce, and ServiceNow now come with built-in AI assistants or agent-like features. Virtually every major SaaS vendor has rushed to embed AI into their offerings.
The result is an explosion of AI capabilities across
The result is an explosion of AI capabilities across
113,000 Impacted by Data Breach at Virginia Mental Health Authority
Threat actors stole names, Social Security numbers, and financial and health information, and deployed ransomware on RBHA’s systems.
The post 113,000 Impacted by Data Breach at Virginia Mental Health Authority appeared first on SecurityWeek.
IoT Security Firm Exein Raises €100 Million
The Italian company has raised nearly $200 million in 2025 for its widely used embedded cybersecurity platform.
The post IoT Security Firm Exein Raises €100 Million appeared first on SecurityWeek.
France Probes ‘Foreign Interference’ After Remote Control Malware Found on Passenger Ferry
France’s counterespionage agency is investigating a suspected cyberattack plot targeting an international passenger ferry
The post France Probes ‘Foreign Interference’ After Remote Control Malware Found on Passenger Ferry appeared first on SecurityWeek.
Microsoft: Recent Windows updates break RemoteApp connections
Microsoft has confirmed that recent Windows updates trigger RemoteApp connection failures on Windows 11 24H2/25H2 and Windows Server 2025 devices in Azure Virtual Desktop environments. […]