SecurityWeek
Zero-Day Attacks Highlight Another Busy Microsoft Patch Tuesday
Patch Tuesday: Microsoft patches at least 70 security bugs and flagged five zero-days in the “exploitation detected” category.
The post Zero-Day Attacks Highlight Another Busy Microsoft Patch Tuesday appeared first on SecurityWeek.
Sharing Intelligence Beyond CTI Teams, Across Wider Functions and Departments
CTI, digital brand protection and other cyber risk initiatives shouldn’t only be utilized by security and cyber teams.
The post Sharing Intelligence Beyond CTI Teams, Across Wider Functions and Departments appeared first on SecurityWeek.
SAP Patches Another Critical NetWeaver Vulnerability
SAP has released 16 new security notes on its May 2025 Security Patch Day, including a note dealing with another critical NetWeaver vulnerability.
The post SAP Patches Another Critical NetWeaver Vulnerability appeared first on SecurityWeek.
Radware Says Recently Disclosed WAF Bypasses Were Patched in 2023
The Radware Cloud WAF product vulnerabilities disclosed by CERT/CC were addressed two years ago.
The post Radware Says Recently Disclosed WAF Bypasses Were Patched in 2023 appeared first on SecurityWeek.
Marks & Spencer Says Data Stolen in Ransomware Attack
Marks & Spencer has confirmed that personal information was stolen in a recent cyberattack claimed by a ransomware group.
The post Marks & Spencer Says Data Stolen in Ransomware Attack appeared first on SecurityWeek.
Output Messenger Zero-Day Exploited by Turkish Hackers for Iraq Spying
A Turkey-affiliated espionage group has exploited a zero-day vulnerability in Output Messenger since April 2024.
The post Output Messenger Zero-Day Exploited by Turkish Hackers for Iraq Spying appeared first on SecurityWeek.
Suspected DoppelPaymer Ransomware Group Member Arrested
A 45-year-old individual was arrested in Moldova for his suspected involvement in DoppelPaymer ransomware attacks.
The post Suspected DoppelPaymer Ransomware Group Member Arrested appeared first on SecurityWeek.
Orca Snaps Up Opus in Cloud Security Automation Push
Orca positioned the deal as an expansion of its capabilities into the realm of AI-based autonomous remediation and prevention.
The post Orca Snaps Up Opus in Cloud Security Automation Push appeared first on SecurityWeek.
CISA Warns of Flaw in TeleMessage App Used by Ex-National Security Advisor
An information exposure flaw in TeleMessage has been added to CISA’s Known Exploited Vulnerabilities catalog.
The post CISA Warns of Flaw in TeleMessage App Used by Ex-National Security Advisor appeared first on SecurityWeek.
Apple Patches Major Security Flaws in iOS, macOS Platforms
Apple rolls out iOS and macOS platform updates to fix serious security bugs that could be triggered simply by opening an image or video file.
The post Apple Patches Major Security Flaws in iOS, macOS Platforms appeared first on SecurityWeek.
Security Firm Andy Frain Says 100,000 People Impacted by Ransomware Attack
Andy Frain was targeted by the Black Basta ransomware group in 2024 and the hackers have stolen a wide range of information.
The post Security Firm Andy Frain Says 100,000 People Impacted by Ransomware Attack appeared first on SecurityWeek.
Google Agrees to $1.3 Billion Settlement in Texas Privacy Lawsuits
Google has agreed to a $1.375 billion settlement with Texas in lawsuits over location and private browsing tracking, and biometric data collection.
The post Google Agrees to $1.3 Billion Settlement in Texas Privacy Lawsuits appeared first on SecurityWeek.
437,000 Impacted by Ascension Health Data Breach
Ascension Health has notified the HHS that more than 437,000 people were affected by a recently disclosed data breach.
The post 437,000 Impacted by Ascension Health Data Breach appeared first on SecurityWeek.
Asus DriverHub Vulnerabilities Expose Users to Remote Code Execution Attacks
Two vulnerabilities in ASUS’s pre-installed software DriverHub can be exploited for remote code execution.
The post Asus DriverHub Vulnerabilities Expose Users to Remote Code Execution Attacks appeared first on SecurityWeek.
US Deportation Airline GlobalX Confirms Hack
Global Crossing Airlines is investigating a cybersecurity incident after Anonymous hackers targeted its systems.
The post US Deportation Airline GlobalX Confirms Hack appeared first on SecurityWeek.
German Authorities Take Down Crypto Swapping Service eXch
German authorities seized the servers of crypto-swapping service eXch for laundering approximately $1.9 billion in fraudulent assets.
The post German Authorities Take Down Crypto Swapping Service eXch appeared first on SecurityWeek.
US Announces Botnet Takedown, Charges Against Russian Administrators
Anyproxy and 5socks, websites offering proxy services through devices ensnared by a botnet, have been disrupted in a law enforcement operation.
The post US Announces Botnet Takedown, Charges Against Russian Administrators appeared first on SecurityWeek.
In Other News: India-Pakistan Cyberattacks, Radware Vulnerabilities, xAI Leak
Noteworthy stories that might have slipped under the radar: surge in cyberattacks between India and Pakistan, Radware cloud WAF vulnerabilities, xAI key leak.
The post In Other News: India-Pakistan Cyberattacks, Radware Vulnerabilities, xAI Leak appeared first on SecurityWeek.
Popular Scraping Tool’s NPM Package Compromised in Supply Chain Attack
Supply chain attack compromises the popular rand-user-agent NPM package to deploy and activate a backdoor.
The post Popular Scraping Tool’s NPM Package Compromised in Supply Chain Attack appeared first on SecurityWeek.
160,000 Impacted by Valsoft Data Breach
VMS firm Valsoft Corporation says the personal information of over 160,000 people was compromised in a February 2025 data breach.
The post 160,000 Impacted by Valsoft Data Breach appeared first on SecurityWeek.