Threat actors are publishing malicious NPM packages to steal PayPal credentials and hijack cryptocurrency transfers. The post Malicious NPM Packages Target Cryptocurrency, PayPal Users appeared first on SecurityWeek.
The CVE-2025-22457 has already been exploited by a China-nexus hacking gang notorious for breaking into edge network devices. The post Rapid7 Reveals RCE Path in Ivanti VPN Appliance After Silent Patch Debacle appeared first on SecurityWeek.
The hackers who posted the documents on Telegram said the attack was in response to alleged Moroccan “harassment” of Algeria on social media platforms. The post Hackers Breach Morocco’s Social Security Database appeared first on SecurityWeek.
A vulnerability in the OttoKit WordPress plugin with over 100,000 active installations has been exploited in the wild. The post Vulnerability in OttoKit WordPress Plugin Exploited in the Wild appeared first on SecurityWeek.
Noteworthy stories that might have slipped under the radar: Scattered Spider still active despite arrests, hacker known as EncryptHub unmasked, Rydox admins extradited to US. The post In Other News: Scattered Spider Still Active, EncryptHub Unmasked, Rydox Extraditions appeared first on SecurityWeek.
SonicWall has released fixes for three vulnerabilities in NetExtender for Windows, including a high-severity bug. The post SonicWall Patches High-Severity Vulnerability in NetExtender appeared first on SecurityWeek.
Laboratory Services Cooperative says the personal and medical information of 1.6 million was stolen in an October 2024 data breach. The post 1.6 Million People Impacted by Data Breach at Laboratory Services Cooperative appeared first on SecurityWeek.
In a secret meeting between Chinese and US officials, the former confirmed conducting cyberattacks on US infrastructure. The post China Admitted to Volt Typhoon Cyberattacks on US Critical Infrastructure: Report appeared first on SecurityWeek.
Very few people in the cybersecurity industry do not know, or know of, Bryson Bort, CEO/Founder of SCYTHE and the co-founder of ICS Village. The post Rising Tides: Bryson Bort on Cyber Entrepreneurship and the Needed Focus on Critical Infrastructure appeared first on SecurityWeek.
Law enforcement agencies in multiple countries have announced the arrests of users of the malicious Smokeloader botnet. The post Europol Targets Customers of Smokeloader Pay-Per-Install Botnet appeared first on SecurityWeek.