Microsoft has observed a new variant of the XCSSET malware being used in limited attacks against macOS users. The post Microsoft Warns of Improved XCSSET macOS Malware appeared first on SecurityWeek.

Palo Alto Networks has confirmed that a recently patched firewall vulnerability tracked as CVE-2025-0108 is being actively exploited. The post Palo Alto Networks Confirms Exploitation of Firewall Vulnerability appeared first on SecurityWeek.

Israeli cybersecurity startup Dream has raised $100 million in Series B funding and is now valued at $1.1 billion. The post Ex-NSO Group CEO’s Security Firm Dream Raises $100M at $1.1B Valuation appeared first on SecurityWeek.

A newly identified malware family abuses the Outlook mail service for communication, via the Microsoft Graph API. The post New FinalDraft Malware Spotted in Espionage Campaign appeared first on SecurityWeek.

Russian hackers have been targeting government, defense, telecoms, and other organizations in a device code phishing campaign. The post Russian State Hackers Target Organizations With Device Code Phishing appeared first on SecurityWeek.

After governments announced sanctions against the Zservers/XHost bulletproof hosting service, Dutch police took 127 servers offline. The post 127 Servers of Bulletproof Hosting Service Zservers Seized by Dutch Police appeared first on SecurityWeek.

DeepSeek has temporarily paused downloads of its chatbot apps in South Korea while it works with local authorities to address privacy concerns. The post Downloads of DeepSeek’s AI Apps Paused in South Korea Over Privacy Concerns appeared first on SecurityWeek.

Xerox released security updates to resolve pass-back attack vulnerabilities in Versalink multifunction printers. The post Xerox Versalink Printer Vulnerabilities Enable Lateral Movement appeared first on SecurityWeek.

In a signal move for the cybersecurity sector, identity and access management (IAM) vendor SailPoint has made its return to public markets. The post SailPoint IPO Signals Bright Spot for Cybersecurity appeared first on SecurityWeek.

The chief deputy attorney general of the agency sent an email on Wednesday that said nearly all of is computer systems were offline. The post Virginia Attorney General’s Office Struck by Cyberattack Targeting Attorneys’ Computer Systems appeared first on SecurityWeek.