SecurityWeek

North Korea’s Fake Recruiters Feed Stolen Data to IT Workers

A North Korean threat actor is supplying stolen developer information to the country’s horde of fraudulent IT workers, ESET ...
SecurityWeek

No Patches for Vulnerabilities Allowing Cognex Industrial Camera Hacking

Some of the industrial cameras made by Cognex are affected by potentially serious vulnerabilities, but they will not receive ...
SecurityWeek

New XCSSET macOS Malware Variant Hijacks Cryptocurrency Transactions

An updated variant of the sophisticated XCSSET macOS malware is monitoring the system clipboard to hijack cryptocurrency ...
SecurityWeek

Recent Fortra GoAnywhere MFT Vulnerability Exploited as Zero-Day

Exploitation of a recently disclosed Fortra GoAnywhere MFT vulnerability started at least one week before patches were ...
SecurityWeek

Cisco Firewall Zero-Days Exploited in China-Linked ArcaneDoor Attacks

Cisco released emergency patches for two firewall vulnerabilities exploited as zero-days in the ArcaneDoor espionage campaign ...
SecurityWeek

Chinese Hackers Lurked Nearly 400 Days in Networks With Stealthy BrickStorm Malware

Chinese cyberspies have managed to dwell in compromised networks for hundreds of days to obtain valuable information.
SecurityWeek

Salesforce AI Hack Enabled CRM Data Theft

Prompt injection has been leveraged alongside an expired domain to steal Salesforce data in an attack named ForcedLeak.
SecurityWeek

PyPI Warns Users of Fresh Phishing Campaign

PyPI, the default platform for Python's package management tools, is warning users of a fresh phishing campaign.
SecurityWeek

Chinese Cyberspies Hacked US Defense Contractors

Chinese epionage group has compromised US defense contractors and various other organizations in the Americas, Europe, Asia, ...
SecurityWeek

RTX Confirms Airport Services Hit by Ransomware

Aerospace and defense giant RTX has officially confirmed that airport services have been disrupted as a result of a ...
SecurityWeekOpinion

Perspective: Why Politics in the Workplace is a Cybersecurity Risk

Keeping politics out of work environments strengthens cohesion, reduces risk, and protects organizational resilience.
SecurityWeek

CSA Unveils SaaS Security Controls Framework to Ease Complexity

CSA introduces the SaaS Security Controls Framework (SSCF) to reduce complexity, standardize controls, and strengthen shared ...