OpenAI has been awarded a $200 million contract for AI capabilities to help the Defense Department address national security challenges. The post OpenAI to Help DoD With Cyber Defense Under New $200 Million Contract appeared first on SecurityWeek.
Cybersecurity researchers have exposed a previously unknown threat actor known as Water Curse that relies on weaponized GitHub repositories to deliver multi-stage malware. “The malware enables data exfiltration (including credentials, browser data, and session tokens), remote access, and long-term persistence on infected systems,” Trend Micro researchers Jovit Samaniego, Aira Marcelo,Read More »Water Curse Employs 76 GitHub Accounts to Deliver Multi-Stage Malware Campaign
Google has released a Chrome 137 update to resolve two memory bugs in the browser’s V8 and Profiler components. The post Chrome 137 Update Patches High-Severity Vulnerabilities appeared first on SecurityWeek.
Veeam and BeyondTrust have resolved several vulnerabilities that could be exploited for remote code execution. The post Code Execution Vulnerabilities Patched in Veeam, BeyondTrust Products appeared first on SecurityWeek.
Hackers have stolen personal and health information belonging to the customers of healthcare organizations served by Episource. The post Data Breach at Healthcare Services Firm Episource Impacts 5.4 Million People appeared first on SecurityWeek.
A former U.S. Central Intelligence Agency (CIA) analyst has been sentenced to little more than three years in prison for unlawfully retaining and transmitting top secret National Defense Information (NDI) to people who were not entitled to receive them and for attempting to cover up the malicious activity. Asif WilliamRead More »Ex-CIA Analyst Sentenced to 37 Months for Leaking Top Secret National Defense Documents
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Tuesday placed a security flaw impacting the Linux kernel in its Known Exploited Vulnerabilities (KEV) catalog, stating it has been actively exploited in the wild. The vulnerability, CVE-2023-0386 (CVSS score: 7.8), is an improper ownership bug in the Linux kernel thatRead More »CISA Warns of Active Exploitation of Linux Kernel Privilege Escalation Vulnerability
Veeam has rolled out patches to contain a critical security flaw impacting its Backup & Replication software that could result in remote code execution under certain conditions. The security defect, tracked as CVE-2025-23121, carries a CVSS score of 9.9 out of a maximum of 10.0. “A vulnerability allowing remote codeRead More »Veeam Patches CVE-2025-23121: Critical RCE Bug Rated 9.9 CVSS in Backup & Replication
Iran has throttled internet access in the country in a purported attempt to hamper Israel’s ability to conduct covert cyber operations, days after the latter launched an unprecedented attack on the country, escalating geopolitical tensions in the region. Fatemeh Mohajerani, the spokesperson of the Iranian Government, and the Iranian CyberRead More »Iran Slows Internet to Prevent Cyber Attacks Amid Escalating Regional Conflict
A recent attack campaign took advantage of exposed Docker Remote APIs and used the Tor network to deploy a stealthy cryptocurrency miner. This blog breaks down the attack chain.
