The Trump administration has cut millions of dollars in federal funding from two cybersecurity initiatives, including one dedicated to helping state and local election officials. The post Trump Administration Halts Funding for Two Cybersecurity Efforts, Including One for Elections appeared first on SecurityWeek.

Kela admits that its evidence for a connection between Belsen and ZeroSevenGroup is largely circumstantial, primarily based on styles. The post Are Threat Groups Belsen and ZeroSevenGroup Related? appeared first on SecurityWeek.

Apple warns that the WebKIt bug “may have been exploited in an extremely sophisticated attack against specific targeted individuals.” The post Apple Ships iOS 18.3.2 to Fix Already-Exploited WebKit Flaw appeared first on SecurityWeek.

Redmond ships major security updates with warnings that a half-dozen Windows vulnerabilities have already been exploited in the wild. The post Microsoft Flags Six Active Zero-Days, Patches 57 Flaws: Patch Tuesday appeared first on SecurityWeek.

Adobe documents 35 security flaws in a wide range of products, including code-execution issues in the Acrobat and Reader applications. The post Patch Tuesday: Critical Code-Execution Bugs in Acrobat and Reader appeared first on SecurityWeek.

Report from the Department for Science, Innovation & Technology (DSIT) finds weaknesses in current practices. The post UK Government Report Calls for Stronger Open Source Supply Chain Security Practices appeared first on SecurityWeek.

Cato Networks has analyzed a new IoT botnet named Ballista, which targets TP-Link Archer routers.   The post New Ballista IoT Botnet Linked to Italian Threat Actor appeared first on SecurityWeek.

The New York Attorney General sued National General and its parent company Allstate over two data breaches. The post New York Sues Insurance Giant Over Data Breaches appeared first on SecurityWeek.

SAP released 21 new security notes and updated three security notes on March 2025 security patch day. The post SAP Patches High-Severity Vulnerabilities in Commerce, NetWeaver appeared first on SecurityWeek.

Edimax is aware that CVE-2025-1316 has been exploited in the wild, but the impacted devices were discontinued over a decade ago. The post Edimax Says No Patches Coming for Zero-Day Exploited by Botnets appeared first on SecurityWeek.