Less than half of the total zero-days have been attributed to a threat actor, but spyware vendors and China are in the lead. The post Google: Half of 2025’s 90 Exploited Zero-Days Aimed at Enterprises appeared first on SecurityWeek. Source: https://www.securityweek.com/google-half-of-2025s-90-exploited-zero-days-aimed-at-enterprises/
Google: Half of 2025’s 90 Exploited Zero-Days Aimed at Enterprises Read More »
Cybersecurity
Some weeks in cybersecurity feel routine. This one doesn’t. Several new developments surfaced over the past few days, showing how quickly the threat landscape keeps shifting. Researchers uncovered fresh activity, security teams shared new findings, and a few unexpected moves from major tech companies also drew attention. Together, these updates offer a useful snapshot of
ThreatsDay Bulletin: DDR5 Bot Scalping, Samsung TV Tracking, Reddit Privacy Fine & More Read More »
Cybersecurity
Some weeks in cybersecurity feel routine. This one doesn’t. Several new developments surfaced over the past few days, showing how quickly the threat landscape keeps shifting. Researchers uncovered fresh activity, security teams shared new findings, and a few unexpected moves from major tech companies also drew attention. Together, these updates offer a useful snapshot of
ThreatsDay Bulletin: DDR5 Bot Scalping, Samsung TV Tracking, Reddit Privacy Fine & More Read More »
CybersecurityMuch of Central and South America struggles with cybersecurity maturity, and hackers are taking advantage. Source: https://www.darkreading.com/threat-intelligence/latam-2x-more-cyberattacks-us
LatAm Now Faces 2x More Cyberattacks Than US Read More »
Cybersecurity
Most organizations assume encrypted data is safe. But many attackers are already preparing for a future where today’s encryption can be broken. Instead of trying to decrypt information now, they are collecting encrypted data and storing it so it can be decrypted later using quantum computers. This tactic—known as “harvest now, decrypt later”—means sensitive data
Preparing for the Quantum Era: Post-Quantum Cryptography Webinar for Security Leaders Read More »
Cybersecurity
Some weeks in cybersecurity feel routine. This one doesn’t. Several new developments surfaced over the past few days, showing how quickly the threat landscape keeps shifting. Researchers uncovered fresh activity, security teams shared new findings, and a few unexpected moves from major tech companies also drew attention. Together, these updates offer a useful snapshot of
ThreatsDay Bulletin: DDR5 Bot Scalping, Samsung TV Tracking, Reddit Privacy Fine & More Read More »
CybersecurityEvgenii Ptitsyn was extradited to the United States from South Korea in November 2024. The post Russian Ransomware Operator Pleads Guilty in US appeared first on SecurityWeek. Source: https://www.securityweek.com/russian-ransomware-operator-pleads-guilty-in-us/
Russian Ransomware Operator Pleads Guilty in US Read More »
CybersecuritySpanish and Ukrainian law enforcement authorities dismantled a criminal ring that exploited war-displaced Ukrainian women to run an online gambling scheme that laundered nearly €4.75 million in illicit proceeds. […] Source: https://www.bleepingcomputer.com/news/security/police-dismantles-online-gambling-ring-exploiting-ukrainian-women/
Police dismantles online gambling ring exploiting Ukrainian women Read More »
CybersecurityThe networking giant has added the recently patched CVE-2026-20128 and CVE-2026-20122 to the list of exploited vulnerabilities. The post Cisco Warns of More Catalyst SD-WAN Flaws Exploited in the Wild appeared first on SecurityWeek. Source: https://www.securityweek.com/cisco-warns-of-more-catalyst-sd-wan-flaws-exploited-in-the-wild/
Cisco Warns of More Catalyst SD-WAN Flaws Exploited in the Wild Read More »
CybersecurityThe company will expand its engineering team, deepen integrations, and accelerate go-to-market initiatives. The post Reclaim Security Raises $20 Million to Accelerate Remediation appeared first on SecurityWeek. Source: https://www.securityweek.com/reclaim-security-raises-20-million-to-accelerate-remediation/
Reclaim Security Raises $20 Million to Accelerate Remediation Read More »
CybersecurityThe stolen credential marketplace had been active since 2021 and in late 2025 it counted 142,000 users. The post LeakBase Cybercrime Forum Shut Down, Suspects Arrested appeared first on SecurityWeek. Source: https://www.securityweek.com/leakbase-cybercrime-forum-shut-down-suspects-arrested/
LeakBase Cybercrime Forum Shut Down, Suspects Arrested Read More »
CybersecurityCisco has flagged two more Catalyst SD-WAN Manager security flaws as actively exploited in the wild, urging administrators to upgrade vulnerable devices. […] Source: https://www.bleepingcomputer.com/news/security/cisco-flags-more-sd-wan-flaws-as-actively-exploited-in-attacks/
Cisco flags more SD-WAN flaws as actively exploited in attacks Read More »
Cybersecurity
Cybersecurity researchers have disclosed details of a new Russian cyber campaign that has targeted Ukrainian entities with two previously undocumented malware families named BadPaw and MeowMeow. “The attack chain initiates with a phishing email containing a link to a ZIP archive. Once extracted, an initial HTA file displays a lure document written in Ukrainian concerning
APT28-Linked Campaign Deploys BadPaw Loader and MeowMeow Backdoor in Ukraine Read More »
CybersecurityCisco has rolled out patches for 48 vulnerabilities in Firewall ASA, Secure FMC, and Secure FTD products. The post Cisco Patches Critical Vulnerabilities in Enterprise Networking Products appeared first on SecurityWeek. Source: https://www.securityweek.com/cisco-patches-critical-vulnerabilities-in-enterprise-networking-products/
Cisco Patches Critical Vulnerabilities in Enterprise Networking Products Read More »
CybersecurityA Russian national pleaded guilty to a wire fraud conspiracy charge related to his role in administering the Phobos ransomware operation, which breached hundreds of victims worldwide. […] Source: https://www.bleepingcomputer.com/news/security/phobos-ransomware-admin-pleads-guilty-to-wire-fraud-conspiracy/
Phobos ransomware admin pleads guilty to wire fraud conspiracy Read More »
Cybersecurity
A joint law enforcement operation has dismantled LeakBase, one of the world’s largest online forums for cybercriminals to buy and sell stolen data and cybercrime tools. The LeakBase forum, per the U.S. Department of Justice (DoJ), had over 142,000 members and more than 215,000 messages between members as of December 2025. Those attempting to access
FBI and Europol Seize LeakBase Forum Used to Trade Stolen Credentials Read More »
Cybersecurity
Tycoon 2FA, one of the prominent phishing-as-a-service (PhaaS) toolkits that allowed cybercriminals to stage adversary-in-the-middle (AitM) credential harvesting attacks at scale, was dismantled by a coalition of law enforcement agencies and security companies. The subscription-based phishing kit, which first emerged in August 2023, was described by Europol as one of the largest phishing Source: https://thehackernews.com/2026/03/europol-led-operation-takes-down-tycoon.html
Google and iVerify analysis reveals a powerful exploit kit originally used by Russian state actors that is now appearing in broader criminal campaigns. The post Nation-State iOS Exploit Kit ‘Coruna’ Found Powering Global Attacks appeared first on SecurityWeek. Source: https://www.securityweek.com/nation-state-ios-exploit-kit-coruna-found-powering-global-attacks/
Nation-State iOS Exploit Kit ‘Coruna’ Found Powering Global Attacks Read More »
CybersecurityA maximum severity vulnerability in the FreeScout helpdesk platform allows hackers to achieve remote code execution without any user interaction or authentication. […] Source: https://www.bleepingcomputer.com/news/security/mail2shell-zero-click-attack-lets-hackers-hijack-freescout-mail-servers/
Mail2Shell zero-click attack lets hackers hijack FreeScout mail servers Read More »
CybersecurityExploitation of the command injection flaw in VMware Aria Operations could grant an attacker broad acess to victims’ cloud environments. Source: https://www.darkreading.com/cloud-security/vmware-aria-operations-bug-exploited-cloud-risk
VMware Aria Operations Bug Exploited, Cloud Resources at Risk Read More »
Cybersecurity