IT threat evolution in Q2 2025. Mobile statistics IT threat evolution in Q2 2025. Non-mobile statistics The mobile section of our quarterly cyberthreat report includes statistics on malware, adware, and potentially unwanted software for Android, as well as descriptions of the most notable threats for Android and iOS discovered duringRead More »IT threat evolution in Q2 2025. Mobile statistics
IT threat evolution in Q2 2025. Non-mobile statistics IT threat evolution in Q2 2025. Mobile statistics The statistics in this report are based on detection verdicts returned by Kaspersky products unless otherwise stated. The information was provided by Kaspersky users who consented to sharing statistical data. The quarter in numbersRead More »IT threat evolution in Q2 2025. Non-mobile statistics
Proofpoint, SpyCloud, Tanium, and Tenable confirmed that hackers accessed information stored in their Salesforce instances. The post More Cybersecurity Firms Hit by Salesforce-Salesloft Drift Breach appeared first on SecurityWeek.
Pentesting remains one of the most effective ways to identify real-world security weaknesses before adversaries do. But as the threat landscape has evolved, the way we deliver pentest results hasn’t kept pace. Most organizations still rely on traditional reporting methods—static PDFs, emailed documents, and spreadsheet-based tracking. The problem? These outdatedRead More »Automation Is Redefining Pentest Delivery
A critical SAP S/4HANA code injection flaw tracked as CVE-2025-42957 and allowing full system takeover has been exploited in the wild. The post Recent SAP S/4HANA Vulnerability Exploited in Attacks appeared first on SecurityWeek.
Cybersecurity researchers have flagged a new malware campaign that has leveraged Scalable Vector Graphics (SVG) files as part of phishing attacks impersonating the Colombian judicial system. The SVG files, according to VirusTotal, are distributed via email and designed to execute an embedded JavaScript payload, which then decodes and injects aRead More »VirusTotal Finds 44 Undetected SVG Files Used to Deploy Base64-Encoded Phishing Pages
The Russian state-sponsored hacking group tracked as APT28 has been attributed to a new Microsoft Outlook backdoor called NotDoor in attacks targeting multiple companies from different sectors in NATO member countries. NotDoor “is a VBA macro for Outlook designed to monitor incoming emails for a specific trigger word,” S2 Grupo’sRead More »Russian APT28 Deploys “NotDoor” Outlook Backdoor Against Companies in NATO Countries
Cybersecurity researchers have lifted the lid on a previously undocumented threat cluster dubbed GhostRedirector that has managed to compromise at least 65 Windows servers primarily located in Brazil, Thailand, and Vietnam. The attacks, per Slovak cybersecurity company ESET, led to the deployment of a passive C++ backdoor called Rungan andRead More »GhostRedirector Hacks 65 Windows Servers Using Rungan Backdoor and Gamshen IIS Module
The Pennsylvania Office of Attorney General was the victim of a ransomware attack.
Security researchers interested in participating in the 2026 Apple Security Research Device program can apply until October 31. The post Apple Seeks Researchers for 2026 iPhone Security Program appeared first on SecurityWeek.
