Microsoft says Outlook for Web and the new Outlook for Windows will no longer display risky inline SVG images that are being used in attacks. […]
DrayTek warns of remote code execution bug in Vigor routers
Networking hardware maker DrayTek released an advisory to warn about a security vulnerability in several Vigor router models that could allow remote, unauthenticated actors to execute perform arbitrary code. […]
HackerOne paid $81 million in bug bounties over the past year
Bug bounty platform HackerOne announced that it paid out $81 million in rewards to white-hat hackers worldwide over the past 12 months. […]
Brave browser surpasses the 100 million active monthly users mark
Brave browser this September has reached 101 million monthly active users and 42 million daily active users, hitting a new record in the project’s history. […]
Confucius Hackers Hit Pakistan With New WooperStealer and Anondoor Malware
The threat actor known as Confucius has been attributed to a new phishing campaign that has targeted Pakistan with malware families like WooperStealer and Anondoor.
“Over the past decade, Confucius has repeatedly targeted government agencies, military organizations, defense contractors, and critical industries — especially in Pakistan – using spear-phishing and malicious documents as initial
“Over the past decade, Confucius has repeatedly targeted government agencies, military organizations, defense contractors, and critical industries — especially in Pakistan – using spear-phishing and malicious documents as initial
Microsoft Defender bug triggers erroneous BIOS update alerts
Microsoft is working to resolve a bug that causes Defender for Endpoint to incorrectly tag some devices’ BIOS (Basic Input/Output System) firmware as outdated, prompting users to update it. […]
Many Attacks Aimed at EU Targeted OT, Says Cybersecurity Agency
ENISA has published its 2025 Threat Landscape report, highlighting some of the attacks aimed at OT systems.
The post Many Attacks Aimed at EU Targeted OT, Says Cybersecurity Agency appeared first on SecurityWeek.
18% of Attacks Aimed at EU Targeted OT, Says Cybersecurity Agency
ENISA has published its 2025 Threat Landscape report, highlighting some of the attacks aimed at OT systems.
The post 18% of Attacks Aimed at EU Targeted OT, Says Cybersecurity Agency appeared first on SecurityWeek.
Your Service Desk is the New Attack Vector—Here’s How to Defend It.
Service desks are prime targets. A practical, NIST-aligned workflow for help desk user verification that stops social engineering without slowing support. Learn how role- & points-based verification workflows stop attackers cold. […]
Alert: Malicious PyPI Package soopsocks Infects 2,653 Systems Before Takedown
Cybersecurity researchers have flagged a malicious package on the Python Package Index (PyPI) repository that claims to offer the ability to create a SOCKS5 proxy service, while also providing a stealthy backdoor-like functionality to drop additional payloads on Windows systems.
The deceptive package, named soopsocks, attracted a total of 2,653 downloads before it was taken down. It was first
The deceptive package, named soopsocks, attracted a total of 2,653 downloads before it was taken down. It was first