Latest Cybersecurity News and Articles
23 July 2025
Akamai’s analysis of the Coyote malware revealed that it abuses Microsoft’s UIA accessibility framework to obtain data.
The post Coyote Banking Trojan First to Abuse Microsoft UIA appeared first on SecurityWeek.
23 July 2025
A database with 3.5 million records was exposed, with no password protection or encryption.
23 July 2025
The US government has issued an alert on the Interlock ransomware, which targets organizations via drive-by download attacks.
The post Organizations Warned of Interlock Ransomware Attacks appeared first on SecurityWeek.
23 July 2025
Security experts have been talking about Kerberoasting for over a decade, yet this attack continues to evade typical defense methods. Why? It’s because existing detections rely on brittle heuristics and static rules, which don’t hold up for detecting potential attack patterns in highly variable Kerberos traffic. They frequently generate false positives or miss “low-and-slow” attacks altogether.
23 July 2025
Sophos has patched five vulnerabilities in Sophos Firewall that could allow remote attackers to execute arbitrary code.
The post Critical Vulnerabilities Patched in Sophos Firewall appeared first on SecurityWeek.
23 July 2025
Fresh security updates for Chrome and Firefox resolve multiple high-severity memory safety vulnerabilities.
The post High-Severity Flaws Patched in Chrome, Firefox appeared first on SecurityWeek.
23 July 2025
The Lumma Stealer is back after Microsoft and law enforcement took action to significantly disrupt the malware’s infrastructure.
The post Lumma Stealer Malware Returns After Takedown Attempt appeared first on SecurityWeek.
23 July 2025
Google has announced the launch of a new initiative called OSS Rebuild to bolster the security of the open-source package ecosystems and prevent software supply chain attacks.
"As supply chain attacks continue to target widely-used dependencies, OSS Rebuild gives security teams powerful data to avoid compromise without burden on upstream maintainers," Matthew Suozzo, Google Open Source Security
23 July 2025
Cisco says it is aware of attempted exploitation of critical ISE vulnerabilities leading to unauthenticated remote code execution.
The post Hackers Start Exploiting Critical Cisco ISE Vulnerabilities appeared first on SecurityWeek.
23 July 2025
CISA has added two recent SysAid vulnerabilities, CVE-2025-2776 and CVE-2025-2775, to its KEV catalog.
The post CISA Warns of SysAid Vulnerability Exploitation appeared first on SecurityWeek.
23 July 2025
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added two security flaws impacting SysAid IT support software to its Known Exploited Vulnerabilities (KEV) catalog, based on evidence of active exploitation.
The vulnerabilities in question are listed below -
CVE-2025-2775 (CVSS score: 9.3) - An improper restriction of XML external entity (XXE) reference vulnerability in the
23 July 2025
The U.S. Cybersecurity and Infrastructure Security Agency (CISA), on July 22, 2025, added two Microsoft SharePoint flaws, CVE-2025-49704 and CVE-2025-49706, to its Known Exploited Vulnerabilities (KEV) catalog, based on evidence of active exploitation.
To that end, Federal Civilian Executive Branch (FCEB) agencies are required to remediate identified vulnerabilities by July 23, 2025.
"CISA is
23 July 2025
AI and the rise of cyberattacks.
23 July 2025
Managing browser-based vulnerabilities.
22 July 2025
Microsoft says the Chinese threat actors Linen Typhoon, Violet Typhoon, and Storm-2603 have been exploiting the ToolShell zero-days.
The post Microsoft Says Chinese APTs Exploited ToolShell Zero-Days Weeks Before Patch appeared first on SecurityWeek.
22 July 2025
Once a manageable function, security operations has become a battlefield of complexity.
The post Reclaiming Control: How Enterprises Can Fix Broken Security Operations appeared first on SecurityWeek.
22 July 2025
Microsoft has formally tied the exploitation of security flaws in internet-facing SharePoint Server instances to two Chinese hacking groups called Linen Typhoon and Violet Typhoon as early as July 7, 2025, corroborating earlier reports.
The tech giant said it also observed a third China-based threat actor, which it tracks as Storm-2603, weaponizing the flaws as well to obtain initial access to
22 July 2025
Dell confirms the compromise of a demo environment containing synthetic data after hackers leak allegedly stolen information.
The post Dell Says Data Leaked by Hackers Is Fake appeared first on SecurityWeek.
22 July 2025
Several potentially serious vulnerabilities were recently found and patched in routers made by Germany-based industrial and automation solutions provider Helmholz. The existence of the security holes came to light last week, when Germany’s CERT@VDE published an advisory describing eight vulnerabilities discovered in Helmholz’s REX 100 router, which enables organizations to remotely access and manage industrial […]
The post Vulnerabilities Expose Helmholz Industrial Routers to Hacking appeared first on SecurityWeek.
22 July 2025
Cisco on Monday updated its advisory of a set of recently disclosed security flaws in Identity Services Engine (ISE) and ISE Passive Identity Connector (ISE-PIC) to acknowledge active exploitation.
"In July 2025, the Cisco PSIRT [Product Security Incident Response Team], became aware of attempted exploitation of some of these vulnerabilities in the wild," the company said in an alert.
The