The ringleader of the Jetflicks illegal paid streaming operation, a massive service with tens of thousands of subscribers, was sentenced to seven years in prison. […]
Organizations Warned of Interlock Ransomware Attacks
The US government has issued an alert on the Interlock ransomware, which targets organizations via drive-by download attacks.
The post Organizations Warned of Interlock Ransomware Attacks appeared first on SecurityWeek.
Kerberoasting Detections: A New Approach to a Decade-Old Challenge
Security experts have been talking about Kerberoasting for over a decade, yet this attack continues to evade typical defense methods. Why? It’s because existing detections rely on brittle heuristics and static rules, which don’t hold up for detecting potential attack patterns in highly variable Kerberos traffic. They frequently generate false positives or miss “low-and-slow” attacks altogether.&
Microsoft fixes bug behind incorrect Windows Firewall errors
Microsoft has resolved a known issue that triggers invalid Windows Firewall errors after rebooting Windows 11 24H2 systems with the June 2025 preview update installed. […]
Critical Vulnerabilities Patched in Sophos Firewall
Sophos has patched five vulnerabilities in Sophos Firewall that could allow remote attackers to execute arbitrary code.
The post Critical Vulnerabilities Patched in Sophos Firewall appeared first on SecurityWeek.
High-Severity Flaws Patched in Chrome, Firefox
Fresh security updates for Chrome and Firefox resolve multiple high-severity memory safety vulnerabilities.
The post High-Severity Flaws Patched in Chrome, Firefox appeared first on SecurityWeek.
Lumma Stealer Malware Returns After Takedown Attempt
The Lumma Stealer is back after Microsoft and law enforcement took action to significantly disrupt the malware’s infrastructure.
The post Lumma Stealer Malware Returns After Takedown Attempt appeared first on SecurityWeek.
Google Launches OSS Rebuild to Expose Malicious Code in Widely Used Open-Source Packages
Google has announced the launch of a new initiative called OSS Rebuild to bolster the security of the open-source package ecosystems and prevent software supply chain attacks.
“As supply chain attacks continue to target widely-used dependencies, OSS Rebuild gives security teams powerful data to avoid compromise without burden on upstream maintainers,” Matthew Suozzo, Google Open Source Security
“As supply chain attacks continue to target widely-used dependencies, OSS Rebuild gives security teams powerful data to avoid compromise without burden on upstream maintainers,” Matthew Suozzo, Google Open Source Security
Hackers Start Exploiting Critical Cisco ISE Vulnerabilities
Cisco says it is aware of attempted exploitation of critical ISE vulnerabilities leading to unauthenticated remote code execution.
The post Hackers Start Exploiting Critical Cisco ISE Vulnerabilities appeared first on SecurityWeek.
CISA Warns of SysAid Vulnerability Exploitation
CISA has added two recent SysAid vulnerabilities, CVE-2025-2776 and CVE-2025-2775, to its KEV catalog.
The post CISA Warns of SysAid Vulnerability Exploitation appeared first on SecurityWeek.