Exploitation of the command injection flaw in VMware Aria Operations could grant an attacker broad acess to victims’ cloud environments. Source: https://www.darkreading.com/cloud-security/vmware-aria-operations-bug-exploited-cloud-risk
VMware Aria Operations Bug Exploited, Cloud Resources at Risk Read More »
CybersecurityA previously undocumented set of 23 iOS exploits named “Coruna” has been deployed by multiple threat actors in targeted espionage campaigns and financially motivated attacks. […] Source: https://www.bleepingcomputer.com/news/security/spyware-grade-coruna-ios-exploit-kit-now-used-in-crypto-theft-attacks/
Spyware-grade Coruna iOS exploit kit now used in crypto theft attacks Read More »
CybersecurityCisco has released security updates to patch two maximum-severity vulnerabilities in its Secure Firewall Management Center (FMC) software. […] Source: https://www.bleepingcomputer.com/news/security/cisco-warns-of-max-severity-secure-fmc-flaws-giving-root-access/
Cisco warns of max severity Secure FMC flaws giving root access Read More »
CybersecurityThe phishing-as-a-service platform was used to send fraudulent emails to over 500,000 organizations every month. The post Tycoon 2FA Phishing Platform Dismantled in Global Takedown appeared first on SecurityWeek. Source: https://www.securityweek.com/tycoon-2fa-phishing-platform-dismantled-in-global-takedown/
Tycoon 2FA Phishing Platform Dismantled in Global Takedown Read More »
CybersecurityCustomers of restaurants using the HungerRush point-of-sale (POS) platform say they received emails from a threat actor attempting to extort the company, warning that restaurant and customer data could be exposed if HungerRush fails to respond. […] Source: https://www.bleepingcomputer.com/news/security/hacker-mass-mails-hungerrush-extortion-emails-to-restaurant-patrons/
Hacker mass-mails HungerRush extortion emails to restaurant patrons Read More »
CybersecurityThe hackers claim to have stolen 2GB of files, including 400,000 personal information records. The post New LexisNexis Data Breach Confirmed After Hackers Leak Files appeared first on SecurityWeek. Source: https://www.securityweek.com/new-lexisnexis-data-breach-confirmed-after-hackers-leak-files/
New LexisNexis Data Breach Confirmed After Hackers Leak Files Read More »
CybersecurityEvents and concepts from the Stranger Things television series illustrate how enterprises can defend their networks and stay "right side up." Source: https://www.darkreading.com/cybersecurity-operations/stranger-things-meets-cybersecurity-lessons-hive-mind
Stranger Things Meets Cybersecurity: Lessons from the Hive Mind Read More »
CybersecurityThe FBI has seized the LeakBase cybercrime forum, a major online forum used by cybercriminals buy and sell hacking tools and stolen data. […] Source: https://www.bleepingcomputer.com/news/security/fbi-seizes-leakbase-cybercrime-forum-data-of-142-000-members/
FBI seizes LeakBase cybercrime forum, data of 142,000 members Read More »
Cybersecurity
Cybersecurity researchers have warned of a surge in retaliatory hacktivist activity following the U.S.-Israel coordinated military campaign against Iran, codenamed Epic Fury and Roaring Lion. “The hacktivist threat in the Middle East is highly lopsided, with two groups, Keymous+ and DieNet, driving nearly 70% of all attack activity between February 28 and March 2,” Radware
The deal awaits final shareholder and regulatory approvals and is expected to be completed in the second half of 2026. The post Zurich Acquires Beazley in $11 Billion Deal to Lead Cyberinsurance appeared first on SecurityWeek. Source: https://www.securityweek.com/zurich-acquires-beazley-in-11-billion-deal-to-lead-cyberinsurance/
Zurich Acquires Beazley in $11 Billion Deal to Lead Cyberinsurance Read More »
CybersecurityA Belgian national, De Ceukelaire’ did not set out to be a hacker. Like many hackers he was born with the potential to become one and only gradually realized he is one. The post Hacker Conversations: Inti De Ceukelaire, Raging Against the Machine Creatively appeared first on SecurityWeek. Source: https://www.securityweek.com/hacker-conversations-inti-de-ceukelaire-raging-against-the-machine-creatively/
Hacker Conversations: Inti De Ceukelaire, Raging Against the Machine Creatively Read More »
Cybersecurity
Google said it identified a “new and powerful” exploit kit dubbed Coruna (aka CryptoWaters) targeting Apple iPhone models running iOS versions between 13.0 and 17.2.1. The exploit kit featured five full iOS exploit chains and a total of 23 exploits, Google Threat Intelligence Group (GTIG) said. It’s not effective against the latest version of iOS.
Coruna iOS Exploit Kit Uses 23 Exploits Across Five Chains Targeting iOS 13–17.2.1 Read More »
CybersecurityThe startup aims to provide organizations with visibility into how AI operates across their environment. The post AI Security Firm JetStream Launches With $34 Million in Seed Funding appeared first on SecurityWeek. Source: https://www.securityweek.com/ai-security-firm-jetstream-launches-with-34-million-in-seed-funding/
AI Security Firm JetStream Launches With $34 Million in Seed Funding Read More »
CybersecurityEmployees seeking free versions of paid software may unknowingly install malware-laced “cracked” apps that can steal credentials, deploy cryptominers, or open the door to ransomware. The post How Pirated Software Turns Helpful Employees Into Malware Delivery Agents appeared first on SecurityWeek. Source: https://www.securityweek.com/how-pirated-software-turns-helpful-employees-into-malware-delivery-agents/
How Pirated Software Turns Helpful Employees Into Malware Delivery Agents Read More »
CybersecurityIndia-nexus cyber threat actors are growing more active and sophisticated, using custom tools coded in Rust and cloud-based command and control. Source: https://www.darkreading.com/threat-intelligence/india-apt-sloppy-lemming-defense-critical-infrastructure
Indian APT ‘Sloppy Lemming’ Targets Defense, Critical Infrastructure Read More »
CybersecurityThe emerging actor, part of the APT41 nexus, gains initial access via phishing, and uses legitimate network services to obscure cyberespionage activities. Source: https://www.darkreading.com/threat-intelligence/china-silver-dragon-governments-eu-se-asia
China’s Silver Dragon Razes Governments in EU, SE Asia Read More »
CybersecurityThe attackers are sending out fake alerts claiming unauthorized access or master password changes. The post LastPass Warns of New Phishing Campaign appeared first on SecurityWeek. Source: https://www.securityweek.com/lastpass-warns-of-new-phishing-campaign/
LastPass Warns of New Phishing Campaign Read More »
Cybersecurity
As AI becomes the central engine for enterprise productivity, security leaders are finally getting the green light — and the budget — to secure it. But there’s a quiet crisis unfolding in the boardroom: many organizations know they need “AI Governance,” but they have no idea what they are actually looking for. The CISO’s Dilemma:
New RFP Template for AI Usage Control and AI Governance Read More »
CybersecurityStarting September 2026, new Chrome iterations will be released twice as fast, part of a two-week cycle. The post Google Plans Two-Week Release Schedule for Chrome appeared first on SecurityWeek. Source: https://www.securityweek.com/google-plans-two-week-release-schedule-for-chrome/
Google Plans Two-Week Release Schedule for Chrome Read More »
CybersecurityJoin the webinar as we explore a blueprint for an OT SOC leveraging an integrated OT Security Platform to safeguard operations and maintain business continuity. The post Webinar Today: Designing an OT SOC for Safety, Reliability, and Business Continuity appeared first on SecurityWeek. Source: https://www.securityweek.com/webinar-today-designing-an-ot-soc-for-safety-reliability-and-business-continuity/
Webinar Today: Designing an OT SOC for Safety, Reliability, and Business Continuity Read More »
Cybersecurity