In a recent column, I wrote about the nearly ubiquitous state of artificial intelligence (AI) in software development, with a GitHub survey showing 92 percent of U.S.-based developers using AI coding tools both in and outside of work. Seeing a subsequent surge in their productivity, many are taking part in what’s called “shadow AI” by […]
Several apparently malicious NPM packages linked to Snyk raised some concerns, but the developer security firm said they were part of a research project and suggested that there was no risk to anyone. SourceCodeRed researcher Paul McCarty raised the alarm last week when he spotted the packages on the NPM Registry, warning that the packages […]
Orchid Security, a New York startup building technology in the identity-first security orchestration space, has raised $36 million in an unusually large seed round co-led by Team8 and Intel Capital. The company and its investors are making a big bet on using LLMs (large language models) to address the complexity of managing fragmented identity systems […]
SecurityWeek’s Cyber Insights 2025 examines expert opinions on the expected evolution of more than a dozen areas of cybersecurity interest over the next 12 months. We spoke to hundreds of individual experts to gain their expert opinions. Here we discuss what to expect with Cyber Threat Intelligence (CTI). CTI is valuable and beneficial to cybersecurity, […]
Enterprise software maker SAP on Tuesday announced the release of 14 new security notes as part of its January 2025 Patch Day. The most important of the notes are marked ‘hot news’ (the highest SAP severity rating) and address two critical vulnerabilities in NetWeaver AS for ABAP and ABAP Platform, both with a CVSS score […]
CISA and several other Western security agencies have published guidance to help operational technology (OT) owners and operators select secure products. The authoring agencies warn that threat actors are targeting particular OT products rather than specific organizations, pointing out that vulnerable OT products can grant attackers access to the systems of multiple victims across various […]
A threat actor has been observed abusing compromised AWS keys to encrypt data in S3 buckets and demand a ransom payment in exchange for the encryption keys, cybersecurity firm Halcyon reports. As part of the identified attacks, the threat actor, tracked as Codefinger, relies on stolen credentials and on AWS’s Server-Side Encryption with Customer Provided […]
The US cybersecurity agency CISA is urging federal agencies to patch a second vulnerability in BeyondTrust Privileged Remote Access (PRA) and Remote Support (RS) enterprise solutions, based on evidence of active exploitation. Tracked as CVE-2024-12686, the flaw is a medium-severity command injection issue that was discovered during BeyondTrust’s investigation into the compromise of a limited […]
A significant number of Ivanti VPNs are still exposed to attacks exploiting a recent vulnerability, and the UK domain registry Nominet has emerged as a victim of exploitation. Ivanti recently released patches for its Connect Secure VPN appliances to address CVE-2025-0282, a critical zero-day that allows remote, unauthenticated attackers to execute arbitrary code. When it […]
Information stealer malware allowed threat actors to compromise the credentials of multiple Telefonica employees and access the telecommunication giant’s internal ticketing system. The data breach came to light last week, after members of the Hellcat ransomware group (which previously claimed the attack on Schneider Electric) boasted on the BreachForums cybercrime forum about stealing customer data, […]