China’s DeepSeek blamed sign-up disruptions on a cyberattack as researchers started finding vulnerabilities in the R1 AI model.
The post DeepSeek Blames Disruption on Cyberattack as Vulnerabilities Emerge appeared first on SecurityWeek.
ENGlobal Says Personal Information Accessed in Ransomware Attack
ENGlobal has informed the SEC that personal information was compromised in a November 2024 ransomware attack.
The post ENGlobal Says Personal Information Accessed in Ransomware Attack appeared first on SecurityWeek.
SonicWall Confirms Exploitation of New SMA Zero-Day
SonicWall has confirmed that an SMA 1000 zero-day tracked as CVE-2025-23006 has been exploited in the wild.
The post SonicWall Confirms Exploitation of New SMA Zero-Day appeared first on SecurityWeek.
AI SOC Analysts: Propelling SecOps into the future
Triaging and investigating alerts is central to security operations. As SOC teams strive to keep up with ever-increasing alert volumes and complexity, modernizing SOC automation strategies with AI has emerged as a critical solution. This blog explores how an AI SOC Analyst transforms alert management, addressing key SOC challenges while enabling faster investigations and responses.
Security
Security
Ransomware Targets ESXi Systems via Stealthy SSH Tunnels for C2 Operations
Cybersecurity researchers have found that ransomware attacks targeting ESXi systems are also leveraging the access to repurpose the appliances as a conduit to tunnel traffic to command-and-control (C2) infrastructure and stay under the radar.
“ESXi appliances, which are unmonitored, are increasingly exploited as a persistence mechanism and gateway to access corporate networks widely,” Sygnia
“ESXi appliances, which are unmonitored, are increasingly exploited as a persistence mechanism and gateway to access corporate networks widely,” Sygnia
Apple Patches First Exploited iOS Zero-Day of 2025
Apple has released fixes for dozens of vulnerabilities in its mobile and desktop products, including an iOS zero-day exploited in attacks.
The post Apple Patches First Exploited iOS Zero-Day of 2025 appeared first on SecurityWeek.
How Long Does It Take Hackers to Crack Modern Hashing Algorithms?
While passwords remain the first line of defense for protecting user accounts against unauthorized access, the methods for creating strong passwords and protecting them are continually evolving. For example, NIST password recommendations are now prioritizing password length over complexity. Hashing, however, remains a non-negotiable. Even long secure passphrases should be hashed to prevent them
Top-Rated Chinese AI App DeepSeek Limits Registrations Amid Cyberattacks
DeepSeek, the Chinese AI startup that has captured much of the artificial intelligence (AI) buzz in recent days, said it’s restricting registrations on the service, citing malicious attacks.
“Due to large-scale malicious attacks on DeepSeek’s services, we are temporarily limiting registrations to ensure continued service,” the company said in an incident report page. “Existing users can log in
“Due to large-scale malicious attacks on DeepSeek’s services, we are temporarily limiting registrations to ensure continued service,” the company said in an incident report page. “Existing users can log in
Apple Patches Actively Exploited Zero-Day Affecting iPhones, Macs, and More
Apple has released software updates to address several security flaws across its portfolio, including a zero-day vulnerability that it said has been exploited in the wild.
The vulnerability, tracked as CVE-2025-24085, has been described as a use-after-free bug in the Core Media component that could permit a malicious application already installed on a device to elevate privileges.
“Apple is
The vulnerability, tracked as CVE-2025-24085, has been described as a use-after-free bug in the Core Media component that could permit a malicious application already installed on a device to elevate privileges.
“Apple is
DeepSeek halts new signups amid “large-scale” cyberattack
Chinese AI platform DeepSeek has disabled registrations on it DeepSeek-V3 chat platform due to an ongoing “large-scale” cyberattack targeting its services. […]