SecurityWeek

United Natural Foods has taken some systems offline after detecting unauthorized activity on its IT systems, causing disruptions to operations.

The post Whole Foods Distributor United Natural Foods Hit by Cyberattack appeared first on SecurityWeek.

Foreign hackers have increasingly identified smartphones, other mobile devices and the apps they use as a weak link in U.S. cyberdefenses.

The post Chinese Hackers and User Lapses Turn Smartphones Into a ‘Mobile Security Crisis’ appeared first on SecurityWeek.

Anti-malware vendor said it spent the past twelve months deflecting a stream of network reconnaissance probes from China-nexus threat actors

The post Chinese Espionage Crews Circle SentinelOne in Year-Long Reconnaissance Campaign appeared first on SecurityWeek.

The Israeli company said the Series B raise was led by ClearSky and included equity stakes for new backer Phoenix Financial.

The post Guardz Banks $56M Series B for All-in-One SMB Security appeared first on SecurityWeek.

CVE-2025-24016, a critical remote code execution vulnerability affecting Wazuh servers, has been exploited by Mirai botnets.

The post Mirai Botnets Exploiting Wazuh Security Platform Vulnerability  appeared first on SecurityWeek.

A threat actor published backdoored versions of 17 NPM packages from GlueStack in a fresh supply chain attack.

The post React Native Aria Packages Backdoored in Supply Chain Attack appeared first on SecurityWeek.

Two malicious NPM packages contain code that would delete production systems when triggered with the right credentials.

The post Malicious NPM Packages Disguised as Express Utilities Allow Attackers to Wipe Systems appeared first on SecurityWeek.

iVerify links iPhone crashes to sophisticated zero-click attacks via iMessage targeting individuals involved in politics in the EU and US.

The post iMessage Zero-Click Attacks Suspected in Targeting of High-Value EU, US Individuals appeared first on SecurityWeek.

The US is seeking the forfeiture of $7.74 million in cryptocurrency in frozen wallets tied to North Korean fake IT workers schemes.

The post US Seeks Forfeiture of $7.74M in Cryptocurrency Tied to North Korean IT Workers appeared first on SecurityWeek.

Kingsley Uchelue Utulu has been sentenced to more than 5 years in prison for his role in a scheme that involved hacking, fraud and identity theft.

The post Nigerian Involved in Hacking US Tax Preparation Firms Sentenced to Prison  appeared first on SecurityWeek.

President Trump says his new cybersecurity executive order amends problematic elements of Biden- and Obama-era executive orders.

The post Trump Cybersecurity Executive Order Targets Digital Identity, Sanctions Policies appeared first on SecurityWeek.

Noteworthy stories that might have slipped under the radar: FBI issues an alert on BadBox 2 botnet, NSO disputing the $168 million WhatsApp fine, 1,000 people left CISA since Trump took office.

The post In Other News: FBI Warns of BadBox 2, NSO Disputes WhatsApp Fine, 1,000 Leave CISA appeared first on SecurityWeek.

The number of cybersecurity-related merger and acquisition (M&A) announcements surged in May 2025.

The post Cybersecurity M&A Roundup: 42 Deals Announced in May 2025 appeared first on SecurityWeek.

Data security firm MIND has raised $30 million in Series A funding to expand its R&D and go-to-market teams.

The post MIND Raises $30 Million for Data Loss Prevention appeared first on SecurityWeek.

A Russia-linked threat actor has used the destructive malware dubbed PathWiper against a critical infrastructure organization in Ukraine.

The post Destructive ‘PathWiper’ Targeting Ukraine’s Critical Infrastructure appeared first on SecurityWeek.

Cisco has released patches for a critical vulnerability impacting cloud deployments of Identity Services Engine (ISE).

The post Cisco Patches Critical ISE Vulnerability With Public PoC appeared first on SecurityWeek.

An HPE StoreOnce vulnerability allows attackers to bypass authentication, potentially leading to remote code execution.

The post HPE Patches Critical Vulnerability in StoreOnce appeared first on SecurityWeek.

A reward is being offered for Maxim Alexandrovich Rudometov, who is accused of developing and managing the RedLine malware.

The post US Offering $10 Million Reward for RedLine Malware Developer appeared first on SecurityWeek.

Censys researchers follow some clues and find hundreds of control-room dashboards for US water utilities on the public internet.

The post Misconfigured HMIs Expose US Water Systems to Anyone with a Browser appeared first on SecurityWeek.

A threat actor has been creating backdoored open source malware repositories to target novice cybercriminals and game cheaters.

The post Backdoored Open Source Malware Repositories Target Novice Cybercriminals appeared first on SecurityWeek.