SecurityWeek
T-Mobile Coughed Up $33 Million in SIM Swap Lawsuit
T-Mobile paid $33 million in a private arbitration process over a SIM swap attack leading to cryptocurrency theft.
The post T-Mobile Coughed Up $33 Million in SIM Swap Lawsuit appeared first on SecurityWeek.
More Solar System Vulnerabilities Expose Power Grids to Hacking
Forescout has found dozens of vulnerabilities in solar power systems from Sungrow, Growatt and SMA.
The post More Solar System Vulnerabilities Expose Power Grids to Hacking appeared first on SecurityWeek.
AI Security Firm Straiker Emerges From Stealth With $21M in Funding
Straiker has emerged from stealth mode with a solution designed to help enterprises secure AI agents and applications.
The post AI Security Firm Straiker Emerges From Stealth With $21M in Funding appeared first on SecurityWeek.
OpenAI Offering $100K Bounties for Critical Vulnerabilities
OpenAI has raised its maximum bug bounty payout to $100,000 (up from $20,000) for high-impact flaws in its infrastructure and products.
The post OpenAI Offering $100K Bounties for Critical Vulnerabilities appeared first on SecurityWeek.
Russian Ransomware Gang Exploited Windows Zero-Day Before Patch
Exploitation of Windows MMC zero-day is being pinned on a ransomware gang known as EncryptHub (an affiliate of RansomHub)
The post Russian Ransomware Gang Exploited Windows Zero-Day Before Patch appeared first on SecurityWeek.
AMTSO Releases Sandbox Evaluation Framework
AMTSO has developed a Sandbox Evaluation Framework to standardize the testing of malware analysis solutions.
The post AMTSO Releases Sandbox Evaluation Framework appeared first on SecurityWeek.
Island Banks $250M Series E for Enterprise Browser
The late-stage startup said the round was led Coatue Management and brings Island’s total external funding to approximately $730 million.
The post Island Banks $250M Series E for Enterprise Browser appeared first on SecurityWeek.
New Ransomware Group Claims Attack on US Telecom Firm WideOpenWest
A new ransomware group called Arkana claims to have compromised the US telecommunications provider WideOpenWest.
The post New Ransomware Group Claims Attack on US Telecom Firm WideOpenWest appeared first on SecurityWeek.
SplxAI Raises $7 Million for AI Security Platform
SplxAI has raised $7 million in a seed funding round led by LAUNCHub Ventures to secure agentic AI systems.
The post SplxAI Raises $7 Million for AI Security Platform appeared first on SecurityWeek.
Vulnerabilities Allow Remote Hacking of Inaba Plant Monitoring Cameras
Production line monitoring cameras made by Inaba can be hacked for surveillance and sabotage, but they remain unpatched.
The post Vulnerabilities Allow Remote Hacking of Inaba Plant Monitoring Cameras appeared first on SecurityWeek.
macOS Users Warned of New Versions of ReaderUpdate Malware
macOS users are targeted with multiple versions of the ReaderUpdate malware written in Crystal, Nim, Rust, and Go programming languages.
The post macOS Users Warned of New Versions of ReaderUpdate Malware appeared first on SecurityWeek.
Critical Next.js Vulnerability in Hacker Crosshairs
Threat actors have started probing servers impacted by a critical-severity vulnerability in the web application development framework Next.js.
The post Critical Next.js Vulnerability in Hacker Crosshairs appeared first on SecurityWeek.
Security Firms Say Evidence Seems to Confirm Oracle Cloud Hack
Despite Oracle categorically denying that its Cloud systems have been breached, sample data released by the hacker seems to prove otherwise.
The post Security Firms Say Evidence Seems to Confirm Oracle Cloud Hack appeared first on SecurityWeek.
Google Patches Chrome Sandbox Escape Zero-Day Caught by Kaspersky
The vulnerability, tracked as CVE-2025-2783, was chained with a second exploit for remote code execution in attacks in Russian.
The post Google Patches Chrome Sandbox Escape Zero-Day Caught by Kaspersky appeared first on SecurityWeek.
Vulnerability Exploitation Possibly Behind Widespread DrayTek Router Reboots
DrayTek routers around the world are rebooting and the vendor’s statement suggests that it may involve the exploitation of a vulnerability.
The post Vulnerability Exploitation Possibly Behind Widespread DrayTek Router Reboots appeared first on SecurityWeek.
VMware Patches Authentication Bypass Flaw in Windows Tools Suite
The authentication bypass vulnerability, tagged as CVE-2025-22230, carries a CVSS severity score of 7.8/10.
The post VMware Patches Authentication Bypass Flaw in Windows Tools Suite appeared first on SecurityWeek.
Microsoft Adds AI Agents to Security Copilot
Microsoft has expanded the capabilities of Security Copilot with AI agents tackling data security, phishing, and identity management.
The post Microsoft Adds AI Agents to Security Copilot appeared first on SecurityWeek.
Charm Security Emerges From Stealth With $8 Million in Funding
Charm Security has emerged from stealth mode with $8 million in funding for AI-powered scams and social engineering prevention.
The post Charm Security Emerges From Stealth With $8 Million in Funding appeared first on SecurityWeek.
Numotion Data Breach Impacts Nearly 500,000 People
Email-related data breach suffered by wheelchair and other mobility equipment provider Numotion affects almost 500,000 individuals.
The post Numotion Data Breach Impacts Nearly 500,000 People appeared first on SecurityWeek.
Chinese APT Weaver Ant Targeting Telecom Providers in Asia
Weaver Ant, a cyberespionage-focused APT operating out of China, is targeting telecom providers for persistent access.
The post Chinese APT Weaver Ant Targeting Telecom Providers in Asia appeared first on SecurityWeek.