PoC code targeting two exploited SonicWall flaws was published just CISA added them to the KEV catalog.
The post PoC Published for Exploited SonicWall Vulnerabilities appeared first on SecurityWeek.
Cybersecurity M&A Roundup: 31 Deals Announced in April 2025
Thirty-one cybersecurity merger and acquisition (M&A) deals were announced in April 2025.
The post Cybersecurity M&A Roundup: 31 Deals Announced in April 2025 appeared first on SecurityWeek.
TikTok Fined $600 Million for China Data Transfers That Broke EU Privacy Rules
EU privacy watchdog fined TikTok $600 million after a four-year investigation found that data transfers to China put users at risk of spying, in breach of strict EU data privacy rules.
The post TikTok Fined $600 Million for China Data Transfers That Broke EU Privacy Rules appeared first on SecurityWeek.
Golden Chickens Deploy TerraStealerV2 to Steal Browser Credentials and Crypto Wallet Data
The threat actors known as Golden Chickens have been attributed to two new malware families dubbed TerraStealerV2 and TerraLogger, suggesting continued development efforts to fine-tune and diversify their arsenal.
“TerraStealerV2 is designed to collect browser credentials, cryptocurrency wallet data, and browser extension information,” Recorded Future Insikt Group said. “TerraLogger, by contrast
“TerraStealerV2 is designed to collect browser credentials, cryptocurrency wallet data, and browser extension information,” Recorded Future Insikt Group said. “TerraLogger, by contrast
OpenAI document explains when to use each ChatGPT model
OpenAI admitted that it can be confusing for users to choose between all the different models, but the company has quietly published a document that makes it easier to understand ChatGPT. […]
StealC malware enhanced with stealth upgrades and data theft tools
The creators of StealC, a widely-used information stealer and malware downloader, have released its second major version, bringing multiple stealth and data theft enhancements. […]
Google NotebookLM is now using Gemini 2.5 Flash
Google NotebookLM, which is a research and note-taking AI tool, is getting upgraded to Gemini 2.5 Flash. […]
Malicious Go Modules Deliver Disk-Wiping Linux Malware in Advanced Supply Chain Attack
Cybersecurity researchers have discovered three malicious Go modules that include obfuscated code to fetch next-stage payloads that can irrevocably overwrite a Linux system’s primary disk and render it unbootable.
The names of the packages are listed below –
The names of the packages are listed below –
github[.]com/truthfulpharm/prototransform
github[.]com/blankloggia/go-mcp
github[.]com/steelpoor/tlsproxy
“Despite appearing legitimate,
Microsoft ends Authenticator password autofill, moves users to Edge
Microsoft has announced that it will discontinue the password storage and autofill feature in the Authenticator app starting in July and will complete the deprecation in August 2025. […]
Iranian Hackers Maintain 2-Year Access to Middle East CNI via VPN Flaws and Malware
An Iranian state-sponsored threat group has been attributed to a long-term cyber intrusion aimed at a critical national infrastructure (CNI) in the Middle East that lasted nearly two years.
The activity, which lasted from at least May 2023 to February 2025, entailed “extensive espionage operations and suspected network prepositioning – a tactic often used to maintain persistent access for future
The activity, which lasted from at least May 2023 to February 2025, entailed “extensive espionage operations and suspected network prepositioning – a tactic often used to maintain persistent access for future