Harris-Walz Campaign Possibly Targeted in iPhone Cyberattack
A cybersecurity firm believes an iPhone hacking campaign occurred and targeted 5 high-profile Americans.
Over 70 Organizations Across Multiple Sectors Targeted by China-Linked Cyber Espionage Group
The reconnaissance activity targeting American cybersecurity company SentinelOne was part of a broader set of partially-related intrusions into several targets between July 2024 and March 2025. “The victimology includes a South Asian government entity, a European media organization, and more than 70 organizations across a wide range of sectors,” SentinelOneRead More »Over 70 Organizations Across Multiple Sectors Targeted by China-Linked Cyber Espionage Group
Two Distinct Botnets Exploit Wazuh Server Vulnerability to Launch Mirai-Based Attacks
A now-patched critical security flaw in the Wazur Server is being exploited by threat actors to drop two different Mirai botnet variants and use them to conduct distributed denial-of-service (DDoS) attacks. Akamai, which first discovered the exploitation efforts in late March 2025, said the malicious campaign targets CVE-2025-24016 (CVSS score:Read More »Two Distinct Botnets Exploit Wazuh Server Vulnerability to Launch Mirai-Based Attacks
Guardz Banks $56M Series B for All-in-One SMB Security
The Israeli company said the Series B raise was led by ClearSky and included equity stakes for new backer Phoenix Financial. The post Guardz Banks $56M Series B for All-in-One SMB Security appeared first on SecurityWeek.
Mirai Botnets Exploiting Wazuh Security Platform Vulnerability
CVE-2025-24016, a critical remote code execution vulnerability affecting Wazuh servers, has been exploited by Mirai botnets. The post Mirai Botnets Exploiting Wazuh Security Platform Vulnerability appeared first on SecurityWeek.
React Native Aria Packages Backdoored in Supply Chain Attack
A threat actor published backdoored versions of 17 NPM packages from GlueStack in a fresh supply chain attack. The post React Native Aria Packages Backdoored in Supply Chain Attack appeared first on SecurityWeek.
Malicious NPM Packages Disguised as Express Utilities Allow Attackers to Wipe Systems
Two malicious NPM packages contain code that would delete production systems when triggered with the right credentials. The post Malicious NPM Packages Disguised as Express Utilities Allow Attackers to Wipe Systems appeared first on SecurityWeek.
Vulnerability Impacts Various Cloud Deployments of Cisco ISE
A Cisco vulnerability could affect cloud deployments of Cisco Identity Services Engine (ISE) in certain systems.
.jpg?1749233911)
84% of Organizations Are Now Using AI in the Cloud
Orca Security recently released the 2025 State of Cloud Security Report, finding that 84% of organizations now use AI in the cloud, and 62% of organizations have at least one vulnerable AI package.
iMessage Zero-Click Attacks Suspected in Targeting of High-Value Individuals
iVerify links iPhone crashes to sophisticated zero-click attacks via iMessage targeting individuals involved in politics in the EU and US. The post iMessage Zero-Click Attacks Suspected in Targeting of High-Value Individuals appeared first on SecurityWeek.