The ClickTok campaign lures victims with fake TikTok shops and drains their crypto wallets. CTM360 exposes how SparkKitty spyware spreads via trojanized apps, phishing pages, and AI-powered scams. […]
New Plague Linux malware stealthily maintains SSH access
A newly discovered Linux malware, which has evaded detection for over a year, allows attackers to gain persistent SSH access and bypass authentication on compromised systems. […]
Vietnamese Hackers Use PXA Stealer, Hit 4,000 IPs and Steal 200,000 Passwords Globally
Cybersecurity researchers are calling attention to a new wave of campaigns distributing a Python-based information stealer called PXA Stealer.
The malicious activity has been assessed to be the work of Vietnamese-speaking cybercriminals who monetize the stolen data through a subscription-based underground ecosystem that automates the resale and reuse via Telegram APIs, according to a joint
The malicious activity has been assessed to be the work of Vietnamese-speaking cybercriminals who monetize the stolen data through a subscription-based underground ecosystem that automates the resale and reuse via Telegram APIs, according to a joint
US Announces $100 Million for State, Local and Tribal Cybersecurity
CISA and FEMA announced two grants of more than $100 million for state, local, and tribal governments looking to improve cybersecurity.
The post US Announces $100 Million for State, Local and Tribal Cybersecurity appeared first on SecurityWeek.
AI Guardrails Under Fire: Cisco’s Jailbreak Demo Exposes AI Weak Points
Cisco’s latest jailbreak method reveals just how easily sensitive data can be extracted from chatbots trained on proprietary or copyrighted content.
The post AI Guardrails Under Fire: Cisco’s Jailbreak Demo Exposes AI Weak Points appeared first on SecurityWeek.
Sean Cairncross Confirmed by Senate as National Cyber Director
The US Senate voted to confirm Sean Cairncross as the National Cyber Director, five months after nominalization.
The post Sean Cairncross Confirmed by Senate as National Cyber Director appeared first on SecurityWeek.
⚡ Weekly Recap: VPN 0-Day, Encryption Backdoor, AI Malware, macOS Flaw, ATM Hack & More
Malware isn’t just trying to hide anymore—it’s trying to belong. We’re seeing code that talks like us, logs like us, even documents itself like a helpful teammate. Some threats now look more like developer tools than exploits. Others borrow trust from open-source platforms, or quietly build themselves out of AI-written snippets. It’s not just about being malicious—it’s about being believable.
Cybersecurity M&A Roundup: 44 Deals Announced in July 2025
Forty-four cybersecurity merger and acquisition (M&A) deals were announced in July 2025.
The post Cybersecurity M&A Roundup: 44 Deals Announced in July 2025 appeared first on SecurityWeek.
Ransomware gangs join attacks targeting Microsoft SharePoint servers
Ransomware gangs have recently joined ongoing attacks targeting a Microsoft SharePoint vulnerability chain, part of a broader exploitation campaign that has already led to the breach of at least 148 organizations worldwide. […]
Man-in-the-Middle Attack Prevention Guide
Some of the most devastating cyberattacks don’t rely on brute force, but instead succeed through stealth. These quiet intrusions often go unnoticed until long after the attacker has disappeared. Among the most insidious are man-in-the-middle (MITM) attacks, where criminals exploit weaknesses in communication protocols to silently position themselves between two unsuspecting parties