Scattered Spider isn’t one group — it’s an identity-first threat model evolving fast. From vishing to AiTM phishing, they’re exploiting MFA gaps to hijack the cloud. Watch the Push Security webinar to learn how their identity-based tactics work — and how to stop them. […]
Why Scamming Can’t Be Stopped—But It Can Be Managed
With crime-as-a-service lowering the barrier to entry and prosecution lagging behind, enterprise security teams must rethink their strategies to detect and disrupt scams at scale.
The post Why Scamming Can’t Be Stopped—But It Can Be Managed appeared first on SecurityWeek.
CISA warns of ConnectWise ScreenConnect bug exploited in attacks
CISA is alerting federal agencies in the U.S. of hackers exploiting a recently patched ScreenConnect vulnerability that could lead to executing remote code on the server. […]
1,000 Instantel Industrial Monitoring Devices Possibly Exposed to Hacking
A critical command execution vulnerability has been found by a researcher in Instantel Micromate monitoring units.
The post 1,000 Instantel Industrial Monitoring Devices Possibly Exposed to Hacking appeared first on SecurityWeek.
Victoria’s Secret delays earnings release after security incident
Fashion retail giant Victoria’s Secret has delayed its first quarter 2025 earnings release because of ongoing corporate system restoration efforts following a May 24 security incident. […]
Zero Networks Raises $55 Million for Microsegmentation Solution
Microsegmentation provider Zero Networks has raised $55 million in a Series C funding round led by Highland Europe.
The post Zero Networks Raises $55 Million for Microsegmentation Solution appeared first on SecurityWeek.
Critical 10-Year-Old Roundcube Webmail Bug Allows Authenticated Users Run Malicious Code
Cybersecurity researchers have disclosed details of a critical security flaw in the Roundcube webmail software that has gone unnoticed for a decade and could be exploited to take over susceptible systems and execute arbitrary code.
The vulnerability, tracked as CVE-2025-49113, carries a CVSS score of 9.9 out of 10.0. It has been described as a case of post-authenticated remote code execution via
The vulnerability, tracked as CVE-2025-49113, carries a CVSS score of 9.9 out of 10.0. It has been described as a case of post-authenticated remote code execution via
MainStreet Bank Data Breach Impacts Customer Payment Cards
The incident occurred in March and impacted the personally identifiable information of approximately 4.65% of MainStreet Bancshares’ customers.
The post MainStreet Bank Data Breach Impacts Customer Payment Cards appeared first on SecurityWeek.
Over 30 Vulnerabilities Patched in Android
The latest Android updates fix vulnerabilities in Runtime, Framework, System, and third-party components of the mobile OS.
The post Over 30 Vulnerabilities Patched in Android appeared first on SecurityWeek.
Scattered Spider: Understanding Help Desk Scams and How to Defend Your Organization
In the wake of high-profile attacks on UK retailers Marks & Spencer and Co-op, Scattered Spider has been all over the media, with coverage spilling over into the mainstream news due to the severity of the disruption caused — currently looking like hundreds of millions in lost profits for M&S alone.
This coverage is extremely valuable for the cybersecurity community as it raises
This coverage is extremely valuable for the cybersecurity community as it raises