Latest Cybersecurity News and Articles

---

2 Certificate Authorities Now Distrusted by Google — Due to Compliance Issues

Security leaders share their thoughts on the importance of compliance and trust for certificate authorities.

---

Men Who Hacked Law Enforcement Database for Doxing Sentenced to Prison

Sagar Steven Singh and Nicholas Ceraolo, members of the Vile group, get prison sentences for identity theft and hacking. The post Men Who Hacked Law Enforcement Database for Doxing Sentenced to Prison appeared first on SecurityWeek.

---

ClickFix Attack Exploits Fake Cloudflare Turnstile to Deliver Malware

Researchers have discovered and analyzed a ClickFix attack that uses a fake Cloudflare ‘humanness’ check. The post ClickFix Attack Exploits Fake Cloudflare Turnstile to Deliver Malware appeared first on SecurityWeek.

---

Redefining Cyber Value: Why Business Impact Should Lead the Security Conversation

Security teams face growing demands with more tools, more data, and higher expectations than ever. Boards approve large security budgets, yet still ask the same question: what is the business getting in return? CISOs respond with reports on controls and vulnerability counts – but executives want to understand risk in terms of financial exposure, operational impact, and avoiding loss. The

---

FBI Aware of 900 Organizations Hit by Play Ransomware

Play ransomware attacks have hit roughly 900 organizations and recently involved the exploitation of SimpleHelp vulnerabilities. The post FBI Aware of 900 Organizations Hit by Play Ransomware appeared first on SecurityWeek.

---

Iran-Linked BladedFeline Hits Iraqi and Kurdish Targets with Whisper and Spearal Malware

An Iran-aligned hacking group has been attributed to a new set of cyber attacks targeting Kurdish and Iraqi government officials in early 2024. The activity is tied to a threat group ESET tracks as BladedFeline, which is assessed with medium confidence to be a sub-cluster within OilRig, a known Iranian nation-state cyber actor. It's said to be active since September 2017, when it targeted

---

Carding Marketplace BidenCash Shut Down by Authorities 

Authorities seized 145 domains associated with BidenCash, a marketplace for stolen credit cards and personal information. The post Carding Marketplace BidenCash Shut Down by Authorities  appeared first on SecurityWeek.

---

DoJ Seizes 145 Domains Tied to BidenCash Carding Marketplace in Global Takedown

The U.S. Department of Justice (DoJ) on Wednesday announced the seizure of cryptocurrency funds and about 145 clearnet and dark web domains associated with an illicit carding marketplace called BidenCash. "The operators of the BidenCash marketplace use the platform to simplify the process of buying and selling stolen credit cards and associated personal information," the DoJ said. "BidenCash

---

Lee Enterprises Says 40,000 Hit by Ransomware-Caused Data Breach

Lee Enterprises has completed its investigation into the recent ransomware attack and confirmed that a data breach occurred. The post Lee Enterprises Says 40,000 Hit by Ransomware-Caused Data Breach appeared first on SecurityWeek.

---

Ransomware Gang Leaks Alleged Kettering Health Data

The Interlock ransomware group has leaked data allegedly stolen from Kettering Health in a recent cyberattack. The post Ransomware Gang Leaks Alleged Kettering Health Data appeared first on SecurityWeek.

---

China Issues Warrants for Alleged Taiwanese Hackers and Bans a Business for Pro-Independence Links

China issued warrants for 20 Taiwanese people it said carried out hacking missions in the Chinese mainland on behalf of the island’s ruling party. The post China Issues Warrants for Alleged Taiwanese Hackers and Bans a Business for Pro-Independence Links appeared first on SecurityWeek.

---

Vodafone Germany Fined $51 Million Over Privacy, Security Failures

Germany fined Vodafone $51 million for failing to protect user data from partners and unauthorized third-parties. The post Vodafone Germany Fined $51 Million Over Privacy, Security Failures appeared first on SecurityWeek.

---

Critical Cisco ISE Auth Bypass Flaw Impacts Cloud Deployments on AWS, Azure, and OCI

Cisco has released security patches to address a critical security flaw impacting the Identity Services Engine (ISE) that, if successfully exploited, could allow unauthenticated actors to carry out malicious actions on susceptible systems. The security defect, tracked as CVE-2025-20286, carries a CVSS score of 9.9 out of 10.0. It has been described as a static credential vulnerability. "A

---

ANU investigates possible hack after vice-chancellor’s account liked ‘highly offensive’ LinkedIn posts

University spokesperson says Genevieve Bell’s account had ‘liked’ posts she had never seen before about Julie Bishop and GazaGet our breaking news email, free app or daily news podcastThe Australian National University (ANU) has contacted authorities about a possible hacking incident after its vice-chancellor’s account liked a number of “highly offensive” LinkedIn posts about Gaza and Julie Bishop.One of the posts liked by Genevieve Bell’s account was an inflammatory post about Gaza, while another made negative comments about Bishop, the ANU chancellor and a former foreign minister.Sign up for Guardian Australia’s breaking news email Continue reading...

---

Google Exposes Vishing Group UNC6040 Targeting Salesforce with Fake Data Loader App

Google has disclosed details of a financially motivated threat cluster that it said "specialises" in voice phishing (aka vishing) campaigns designed to breach organizations' Salesforce instances for large-scale data theft and subsequent extortion. The tech giant's threat intelligence team is tracking the activity under the moniker UNC6040, which it said exhibits characteristics that align with

---

Google Warns of Vishing, Extortion Campaign Targeting Salesforce Customers

A financially motivated threat actor employing vishing to compromise Salesforce customers, and extort them. The post Google Warns of Vishing, Extortion Campaign Targeting Salesforce Customers appeared first on SecurityWeek.

---

Going Into the Deep End: Social Engineering and the AI Flood

AI is transforming the cybersecurity landscape—empowering attackers with powerful new tools while offering defenders a chance to fight back. But without stronger awareness and strategy, organizations risk falling behind. The post Going Into the Deep End: Social Engineering and the AI Flood appeared first on SecurityWeek.

---

Chaos RAT Malware Targets Windows and Linux via Fake Network Tool Downloads

Threat hunters are calling attention to a new variant of a remote access trojan (RAT) called Chaos RAT that has been used in recent attacks targeting Windows and Linux systems. According to findings from Acronis, the malware artifact may have been distributed by tricking victims into downloading a network troubleshooting utility for Linux environments. "Chaos RAT is an open-source RAT written in

---

Your SaaS Data Isn't Safe: Why Traditional DLP Solutions Fail in the Browser Era

Traditional data leakage prevention (DLP) tools aren't keeping pace with the realities of how modern businesses use SaaS applications. Companies today rely heavily on SaaS platforms like Google Workspace, Salesforce, Slack, and generative AI tools, significantly altering the way sensitive information is handled. In these environments, data rarely appears as traditional files or crosses networks

---

Compyl Raises $12 Million for GRC Platform

Compyl has raised $12 million in a Series A funding round that will be invested in go-to-market initiatives, hirings, and GRC platform expansion. The post Compyl Raises $12 Million for GRC Platform appeared first on SecurityWeek.