Security Week

Censys researchers follow some clues and find hundreds of control-room dashboards for US water utilities on the public internet.

The post Misconfigured HMIs Expose US Water Systems to Anyone with a Browser appeared first on SecurityWeek.

A threat actor has been creating backdoored open source malware repositories to target novice cybercriminals and game cheaters.

The post Backdoored Open Source Malware Repositories Target Novice Cybercriminals appeared first on SecurityWeek.

Cellebrite and Corellium, whose names have been mentioned in spyware stories, are joining forces to provide advanced investigative solutions.

The post Controversial Firms Cellebrite and Corellium Announce $200 Million Acquisition Deal appeared first on SecurityWeek.

Sagar Steven Singh and Nicholas Ceraolo, members of the Vile group, get prison sentences for identity theft and hacking.

The post Men Who Hacked Law Enforcement Database for Doxing Sentenced to Prison appeared first on SecurityWeek.

Researchers have discovered and analyzed a ClickFix attack that uses a fake Cloudflare ‘humanness’ check.

The post ClickFix Attack Exploits Fake Cloudflare Turnstile to Deliver Malware appeared first on SecurityWeek.

Play ransomware attacks have hit roughly 900 organizations and recently involved the exploitation of SimpleHelp vulnerabilities.

The post FBI Aware of 900 Organizations Hit by Play Ransomware appeared first on SecurityWeek.

Authorities seized 145 domains associated with BidenCash, a marketplace for stolen credit cards and personal information.

The post Carding Marketplace BidenCash Shut Down by Authorities  appeared first on SecurityWeek.

Lee Enterprises has completed its investigation into the recent ransomware attack and confirmed that a data breach occurred.

The post Lee Enterprises Says 40,000 Hit by Ransomware-Caused Data Breach appeared first on SecurityWeek.

The Interlock ransomware group has leaked data allegedly stolen from Kettering Health in a recent cyberattack.

The post Ransomware Gang Leaks Alleged Kettering Health Data appeared first on SecurityWeek.

China issued warrants for 20 Taiwanese people it said carried out hacking missions in the Chinese mainland on behalf of the island’s ruling party.

The post China Issues Warrants for Alleged Taiwanese Hackers and Bans a Business for Pro-Independence Links appeared first on SecurityWeek.

Germany fined Vodafone $51 million for failing to protect user data from partners and unauthorized third-parties.

The post Vodafone Germany Fined $51 Million Over Privacy, Security Failures appeared first on SecurityWeek.

A financially motivated threat actor employing vishing to compromise Salesforce customers, and extort them.

The post Google Warns of Vishing, Extortion Campaign Targeting Salesforce Customers appeared first on SecurityWeek.

AI is transforming the cybersecurity landscape—empowering attackers with powerful new tools while offering defenders a chance to fight back. But without stronger awareness and strategy, organizations risk falling behind.

The post Going Into the Deep End: Social Engineering and the AI Flood appeared first on SecurityWeek.

Compyl has raised $12 million in a Series A funding round that will be invested in go-to-market initiatives, hirings, and GRC platform expansion.

The post Compyl Raises $12 Million for GRC Platform appeared first on SecurityWeek.

Industrial giant Honeywell has published its 2025 Cybersecurity Threat Report with information on the latest trends.

The post Ramnit Malware Infections Spike in OT as Evidence Suggests ICS Shift appeared first on SecurityWeek.

Learn why your security controls matter more than theoretical risk scores and how exposure validation helps slash massive patch lists down to the few vulnerabilities that truly demand action.

The post Webinar Today: Redefining Vulnerability Management With Exposure Validation appeared first on SecurityWeek.

End-to-end cybersecurity provider ThreatSpike has raised $14 million in a Series A funding round led by Expedition Growth Capital, after being bootstrapped for 14 years. Founded in 2011, the London-based firm provides real-time detection and response and penetration testing capabilities in a single, unified platform that delivers enterprise-grade cybersecurity to mid-sized businesses. According to ThreatSpike, […]

The post ThreatSpike Raises $14 Million in Series A Funding appeared first on SecurityWeek.

Victoria’s Secret is postponing the release of its quarterly earnings following a security breach that disrupted the popular lingerie brand’s corporate operations.

The post Victoria’s Secret Says It Will Postpone Earnings Report After Recent Security Breach appeared first on SecurityWeek.

Threat actors steal personal information from thenorthface.com user accounts in a recent credential stuffing campaign.

The post Thousands Hit by The North Face Credential Stuffing Attack appeared first on SecurityWeek.

Researchers from Forescout have analyzed the prevalence of internet-exposed solar power devices and shared a list of the top vendors and devices.

The post 35,000 Solar Power Systems Exposed to Internet appeared first on SecurityWeek.