Silk Typhoon was seen exploiting Citrix NetScaler and Commvault vulnerabilities for initial access to victim systems.
The post Chinese Silk Typhoon Hackers Exploited Commvault Zero-Day appeared first on SecurityWeek.
Microsoft: August Windows updates cause severe streaming issues
Microsoft has confirmed that the August 2025 security updates are causing severe lag and stuttering issues with NDI streaming software on some Windows 10 and Windows 11 systems. […]
CISA Issues Draft Software Bill of Materials Guide for Public Comment
Chinese Hackers Murky, Genesis, and Glacial Panda Escalate Cloud and Telecom Espionage
Cybersecurity researchers are calling attention to malicious activity orchestrated by a China-nexus cyber espionage group known as Murky Panda that involves abusing trusted relationships in the cloud to breach enterprise networks.
“The adversary has also shown considerable ability to quickly weaponize N-day and zero-day vulnerabilities and frequently achieves initial access to their targets by
“The adversary has also shown considerable ability to quickly weaponize N-day and zero-day vulnerabilities and frequently achieves initial access to their targets by
Developer Who Hacked Former Employer’s Systems Sentenced to Prison
Davis Lu was sentenced to four years in prison for installing malicious code on employer’s systems and for deleting encrypted data.
The post Developer Who Hacked Former Employer’s Systems Sentenced to Prison appeared first on SecurityWeek.
Automation Is Redefining Pentest Delivery
Pentesting remains one of the most effective ways to identify real-world security weaknesses before adversaries do. But as the threat landscape has evolved, the way we deliver pentest results hasn’t kept pace.
Most organizations still rely on traditional reporting methods—static PDFs, emailed documents, and spreadsheet-based tracking. The problem? These outdated workflows introduce delays,
Most organizations still rely on traditional reporting methods—static PDFs, emailed documents, and spreadsheet-based tracking. The problem? These outdated workflows introduce delays,
Massive anti-cybercrime operation leads to over 1,200 arrests in Africa
Law enforcement authorities in Africa have arrested over 1,200 suspects as part of ‘Operation Serengeti 2.0,’ an INTERPOL-led international crackdown targeting cross-border cybercriminal gangs. […]
CPAP Medical Data Breach Impacts 90,000 People
CPAP Medical Supplies and Services has disclosed a data breach resulting from an intrusion that occurred in December 2024.
The post CPAP Medical Data Breach Impacts 90,000 People appeared first on SecurityWeek.
DaVita says ransomware gang stole data of nearly 2.7 million people
Kidney dialysis firm DaVita has confirmed that a ransomware gang that breached its network stole the personal and health information of nearly 2.7 million individuals. […]
AWS Trusted Advisor Tricked Into Showing Unprotected S3 Buckets as Secure
AWS has addressed a vulnerability that could have been leveraged to bypass Trusted Advisor’s S3 bucket permissions check.
The post AWS Trusted Advisor Tricked Into Showing Unprotected S3 Buckets as Secure appeared first on SecurityWeek.