A vulnerability allowed researchers to brute-force any Google account’s recovery phone number simply by knowing a their profile name and an easily retrieved partial phone number, creating a massive risk for phishing and SIM-swapping attacks. […]
Chinese Hackers and User Lapses Turn Smartphones Into a ‘Mobile Security Crisis’
Foreign hackers have increasingly identified smartphones, other mobile devices and the apps they use as a weak link in U.S. cyberdefenses.
The post Chinese Hackers and User Lapses Turn Smartphones Into a ‘Mobile Security Crisis’ appeared first on SecurityWeek.
SentinelOne shares new details on China-linked breach attempt
SentinelOne has shared more details on an attempted supply chain attack by Chinese hackers through an IT services and logistics firm that manages hardware logistics for the cybersecurity firm. […]
Linux Foundation unveils decentralized WordPress plugin manager
A collective of former WordPress developers and contributors backed by the Linux Foundation has launched the FAIR Package Manager, a new and independent distribution system for trusted WordPress plugins and themes. […]
Chinese Espionage Crews Circle SentinelOne in Year-Long Reconnaissance Campaign
Anti-malware vendor said it spent the past twelve months deflecting a stream of network reconnaissance probes from China-nexus threat actors
The post Chinese Espionage Crews Circle SentinelOne in Year-Long Reconnaissance Campaign appeared first on SecurityWeek.
Sensata Technologies says personal data stolen by ransomware gang
Sensata Technologies is warning former and current employees it suffered a data breach after concluding an investigation into an April ransomware attack. […]
Over 70 Organizations Across Multiple Sectors Targeted by China-Linked Cyber Espionage Group
The reconnaissance activity targeting American cybersecurity company SentinelOne was part of a broader set of partially-related intrusions into several targets between July 2024 and March 2025.
“The victimology includes a South Asian government entity, a European media organization, and more than 70 organizations across a wide range of sectors,” security researchers Aleksandar Milenkoski and Tom
“The victimology includes a South Asian government entity, a European media organization, and more than 70 organizations across a wide range of sectors,” security researchers Aleksandar Milenkoski and Tom
Two Distinct Botnets Exploit Wazuh Server Vulnerability to Launch Mirai-Based Attacks
A now-patched critical security flaw in the Wazur Server is being exploited by threat actors to drop two different Mirai botnet variants and use them to conduct distributed denial-of-service (DDoS) attacks.
Akamai, which first discovered the exploitation efforts in late March 2025, said the malicious campaign targets CVE-2025-24016 (CVSS score: 9.9), an unsafe deserialization vulnerability that
Akamai, which first discovered the exploitation efforts in late March 2025, said the malicious campaign targets CVE-2025-24016 (CVSS score: 9.9), an unsafe deserialization vulnerability that
Guardz Banks $56M Series B for All-in-One SMB Security
The Israeli company said the Series B raise was led by ClearSky and included equity stakes for new backer Phoenix Financial.
The post Guardz Banks $56M Series B for All-in-One SMB Security appeared first on SecurityWeek.
Designing Blue Team playbooks with Wazuh for proactive incident response
Blue Team playbooks are essential—but tools like Wazuh take them to the next level. From credential dumping to web shells and brute-force attacks, see how Wazuh strengthens real-time detection and automated response. […]