SecurityWeek1 天
In Other News: Hellcat Hackers Unmasked, CrushFTP Bug Controversy, NYU Hacked
Key members of Hellcat ransomware group identified, controversy around CrushFTP flaw CVE, NYU website hacked and defaced.
SecurityWeek1 天
Firefox Affected by Flaw Similar to Chrome Zero-Day Exploited in Russia
Firefox developers have determined that their browser is affected by a vulnerability similar to the recent Chrome sandbox ...
SecurityWeek1 天
Critical Condition: Legacy Medical Devices Remain Easy Targets for Ransomware
Healthcare is consistently one of the most attacked critical industries – it is a prime ransomware target. The reasons are ...
SecurityWeek1 天
Fresh Grandoreiro Banking Trojan Campaigns Target Latin America, Europe
The Grandoreiro banking trojan has reemerged in fresh phishing campaigns targeting users in Latin America and Europe, ...
SecurityWeek1 天
Morphing Meerkat Phishing Kits Target Over 100 Brands
A threat actor tracked as Morphing Meerkat abuses DNS mail exchange (MX) records to deliver spoofed login pages.
SecurityWeek2 天
T-Mobile Coughed Up $33 Million in SIM Swap Lawsuit
T-Mobile paid $33 million in a private arbitration process over a SIM swap attack leading to cryptocurrency theft.
SecurityWeek2 天
Splunk Patches Dozens of Vulnerabilities
Splunk patches high-severity remote code execution and information disclosure flaws in Splunk Enterprise and Secure Gateway ...
SecurityWeek2 天
More Solar System Vulnerabilities Expose Power Grids to Hacking
Forescout has found dozens of vulnerabilities in solar power systems from Sungrow, Growatt and SMA, and patches have been ...
SecurityWeek2 天
AI Security Firm Straiker Emerges From Stealth With $21M in Funding
Straiker has emerged from stealth mode with a solution designed to help enterprises secure AI agents and applications.
SecurityWeek2 天
Russian Ransomware Gang Exploited Windows Zero-Day Before Patch
Exploitation of Windows MMC zero-day is being pinned on a ransomware gang known as EncryptHub (an affiliate of RansomHub) ...
SecurityWeek2 天
Google Patches Chrome Sandbox Escape Zero-Day Caught by Kaspersky
Chrome vulnerability CVE-2025-2783 was chained with a second exploit for remote code execution in attacks targeting ...
SecurityWeek1 天
9-Year-Old NPM Crypto Package Hijacked for Information Theft
Nearly a dozen crypto packages on NPM, including one published 9 years ago, have been hijacked to deliver infostealers.