SecurityWeek
US Sanctions Philippine Company for Supporting Crypto Scams
The US Treasury Department US has slapped sanctions on Funnull Technology for providing support to cryptocurrency investment scams.
The post US Sanctions Philippine Company for Supporting Crypto Scams appeared first on SecurityWeek.
Chinese Hacking Group APT41 Exploits Google Calendar to Target Governments
China-linked hackers used a compromised government site to target other government entities with the ToughProgress malware that uses an attacker-controlled Google Calendar for C&C.
The post Chinese Hacking Group APT41 Exploits Google Calendar to Target Governments appeared first on SecurityWeek.
MITRE Publishes Post-Quantum Cryptography Migration Roadmap
The roadmap provides an overview of four key stages of the migration process, namely preparation, baseline understanding, planning and execution, and monitoring and evaluation.
The post MITRE Publishes Post-Quantum Cryptography Migration Roadmap appeared first on SecurityWeek.
ConnectWise Discloses Suspected State-Sponsored Hack
The IT software provider says ScreenConnect users were impacted by the attack, which exploited a high-severity ASP.NET vulnerability.
The post ConnectWise Discloses Suspected State-Sponsored Hack appeared first on SecurityWeek.
CISA Releases Guidance on SIEM and SOAR Implementation
The guidance outlines the benefits and challenges or SIEM and SOAR platforms, and shares implementation recommendations.
The post CISA Releases Guidance on SIEM and SOAR Implementation appeared first on SecurityWeek.
Chinese Hacking Group ‘Earth Lamia’ Targets Multiple Industries
Active since at least 2023, the hacking group has been targeting the financial, government, IT, logistics, retail, and education sectors.
The post Chinese Hacking Group ‘Earth Lamia’ Targets Multiple Industries appeared first on SecurityWeek.
Unbound Raises $4 Million to Secure Gen-AI Adoption
Security startup Unbound has raised $4 million in funding to help organizations adopt generative-AI tools securely and responsibly.
The post Unbound Raises $4 Million to Secure Gen-AI Adoption appeared first on SecurityWeek.
GreyNoise Flags 9,000 ASUS Routers Backdoored Via Patched Vulnerability
Professional hackers have built a network of ASUS routers that can survive firmware upgrades, factory reboots and most anti-malware scans.
The post GreyNoise Flags 9,000 ASUS Routers Backdoored Via Patched Vulnerability appeared first on SecurityWeek.
Victoria’s Secret Website Taken Offline After Cyberattack
Website remains offline following suspected cyber incident, as experts warn of escalating threats targeting major retailers
The post Victoria’s Secret Website Taken Offline After Cyberattack appeared first on SecurityWeek.
Adidas Data Breach Linked to Third-Party Vendor
Adidas said hackers accessed a “third-party customer service provider” and stole customer information.
The post Adidas Data Breach Linked to Third-Party Vendor appeared first on SecurityWeek.
Webinar Today: Why Context is a Secret Weapon in Application Security Posture Management
Join the live webinar to understand why data in itself is not enough to make informed decisions for prioritization.
The post Webinar Today: Why Context is a Secret Weapon in Application Security Posture Management appeared first on SecurityWeek.
Beyond GenAI: Why Agentic AI Was the Real Conversation at RSA 2025
Agentic AI can be a great tool for many of the ‘gray area’ tasks that SOC analysts undertake.
The post Beyond GenAI: Why Agentic AI Was the Real Conversation at RSA 2025 appeared first on SecurityWeek.
MATLAB Maker MathWorks Recovering From Ransomware Attack
The incident impacted multiple web and mobile applications, licensing services, downloads and online store, website, wiki, MathWorks accounts, and other services.
The post MATLAB Maker MathWorks Recovering From Ransomware Attack appeared first on SecurityWeek.
364,000 Impacted by Data Breach at LexisNexis Risk Solutions
Data broker giant LexisNexis Risk Solutions says personal information was stolen from 364,000 people in a December 2024 data breach.
The post 364,000 Impacted by Data Breach at LexisNexis Risk Solutions appeared first on SecurityWeek.
Czech Government Condemns Chinese Hack on Critical Infrastructure
The Czech government issues a blunt warning to China after APT31 hackers linked to intrusion at critical infrastructure network.
The post Czech Government Condemns Chinese Hack on Critical Infrastructure appeared first on SecurityWeek.
Cerby Raises $40 Million for Identity Automation Platform
Identity security automation platform Cerby has raised $40 million in Series B funding to scale operations.
The post Cerby Raises $40 Million for Identity Automation Platform appeared first on SecurityWeek.
Vietnamese Hackers Distribute Malware via Fake AI-Themed Websites
Mandiant warns that a Vietnamese hacking group tracked as UNC6032 is distributing malware via fake AI video generator websites.
The post Vietnamese Hackers Distribute Malware via Fake AI-Themed Websites appeared first on SecurityWeek.
OneDrive Gives Web Apps Full Read Access to All Files
Security researchers warn that OneDrive’s file sharing tool may grant third-party web apps access to all your files—not just the one you choose to upload.
The post OneDrive Gives Web Apps Full Read Access to All Files appeared first on SecurityWeek.
Chrome 137, Firefox 139 Patch High-Severity Vulnerabilities
Google and Mozilla released patches for Chrome and FireFox to address a total of 21 vulnerabilities between the two browsers, including three rated high severity.
The post Chrome 137, Firefox 139 Patch High-Severity Vulnerabilities appeared first on SecurityWeek.
Vulnerabilities in CISA KEV Are Not Equally Critical: Report
New report says organizations should always consider environmental context when assessing the impact of vulnerabilities in CISA KEV catalog.
The post Vulnerabilities in CISA KEV Are Not Equally Critical: Report appeared first on SecurityWeek.