Multiple legitimate, unusual tools were used in a Fog ransomware attack, including one employed by Chinese hacking group APT41. The post Fog Ransomware Attack Employs Unusual Tools appeared first on SecurityWeek.
Mitel has announced patches for a MiCollab path traversal vulnerability that can be exploited remotely without authentication. The post Critical Vulnerability Exposes Many Mitel MiCollab Instances to Remote Hacking appeared first on SecurityWeek.
Trend Micro patches critical-severity Apex Central and Endpoint Encryption PolicyServer flaws leading to remote code execution. The post Critical Vulnerabilities Patched in Trend Micro Apex Central, Endpoint Encryption appeared first on SecurityWeek.
ZeroRISC has raised $10 million in seed funding for production-grade open source silicon security, built on OpenTitan designs. The post ZeroRISC Raises $10 Million for Open Source Silicon Security Solutions appeared first on SecurityWeek.
Apple has disclosed that a now-patched security flaw present in its Messages app was actively exploited in the wild to target civil society members in sophisticated cyber attacks. The vulnerability, tracked as CVE-2025-43200, was addressed on February 10, 2025, as part of iOS 18.3.1, iPadOS 18.3.1, iPadOS 17.7.5, macOS SequoiaRead More »Apple Zero-Click Flaw in Messages Exploited to Spy on Journalists Using Paragon Spyware
Anubis is an emerging ransomware-as-a-service (RaaS) group that adds a destructive edge to the typical double-extortion model with its file-wiping feature. We explore its origins and examine the tactics behind its dual-threat approach.
Late last year, security researchers made a startling discovery: Kremlin-backed disinformation campaigns were bypassing moderation on social media platforms by leveraging the same malicious advertising technology that powers a sprawling ecosystem of online hucksters and website hackers. A new report on the fallout from that investigation finds this dark adRead More »Inside a Dark Adtech Empire Fed by Fake CAPTCHAs
The threat actors behind the VexTrio Viper Traffic Distribution Service (TDS) have been linked to other TDS services like Help TDS and Disposable TDS, indicating that the sophisticated cybercriminal operation is a sprawling enterprise of its own that’s designed to distribute malicious content. “VexTrio is a group of malicious adtechRead More »WordPress Sites Turned Weapon: How VexTrio and Affiliates Run a Global Scam Network
When given highly complex problems, AI models failed to provide correct answers.
This is news: A data broker owned by the country’s major airlines, including Delta, American Airlines, and United, collected U.S. travellers’ domestic flight records, sold access to them to Customs and Border Protection (CBP), and then as part of the contract told CBP to not reveal where the data cameRead More »Airlines Secretly Selling Passenger Data to the Government
