Mobile security firm Zimperium has uncovered a broad malicious campaign targeting Android users in India to steal personal and banking information. Dubbed FatBoyPanel, the campaign has included the use of more than 1,000 malicious applications for information theft, and differs from typical mobile-focused malicious campaign by using live phone numbers for text message redirection, instead […]
Explore More
Cybersecurity startups Astra Security and Invary this week announced fresh funding rounds that will help them advance their solutions for identifying vulnerabilities and ensuring confidential computing, respectively. Astra received $2.7 million in a growth capital round led by Emergent Ventures, with additional support from Better Capital, Blume Ventures, Neon Fund, and PointOne Capital. Founded in […]
Explore More
Spanish authorities have announced the arrest of an individual suspected of being a hacker who has claimed attacks on dozens of organizations. Police said the unnamed man — described as a “dangerous hacker” — was arrested in the town of Calpe in Spain’s Alicante province, for allegedly launching cyberattacks on more than 40 organizations and […]
Explore More
Government agencies from the Five Eyes countries have released joint guidance for device manufacturers to secure their edge products against increasingly frequent malicious attacks. Sitting at the edge of a network, always connected to the internet, and acting as entry points for data between the network and the web, edge devices may include firewalls, routers, […]
Explore More
Recently, a wonderful co-worker of mine was injured quite badly during his winter ski vacation. If I understood him correctly, another skier came barreling into him while he was on the slopes. This inflicted serious injury upon my co-worker, unfortunately, and he has a long recovery ahead of him. I wish him well and a speedy […]
Explore More
Cisco on Wednesday announced patches for multiple vulnerabilities, including two critical-severity flaws in the Identity Services Engine (ISE) enterprise security solution. The critical bugs, tracked as CVE-2025-20124 and CVE-2025-20125 and impacting ISE APIs, could allow a remote attacker authenticated with read-only administrative privileges to execute arbitrary commands on a vulnerable device. Because user-supplied Java byte […]
Explore More
Researchers have seen dozens of fake DeepSeek websites used for credential phishing, cryptocurrency theft, and scams. Researcher Dominic Alvieri has been tracking such websites. He told SecurityWeek that he had seen well over 50 active sites as of Wednesday, as well as over a thousand domains that are likely being prepared for nefarious activities. Some […]
Explore More
7AI on Wednesday announced the launch of an agentic security platform, which leverages AI agents to automate repetitive tasks that consume significant security team resources The Boston, Mass-based company says its specialized AI agents are designed to take over essential ‘non-human work’, such as enriching signals, triaging alerts, searching for known threats, and correlating telemetry. […]
Explore More
San Francisco application security startup raises $100 million in a Series D funding round led by Menlo Ventures. The post Semgrep Raises $100M for AI-Powered Code Security Platform appeared first on SecurityWeek.
Explore More
DeepSeek has computer code that could send some user login information to China Mobile. The post Researchers Link DeepSeek’s Blockbuster Chatbot to Chinese Telecom Banned From Doing Business in US appeared first on SecurityWeek.
Explore More