Noteworthy stories that might have slipped under the radar: Eve Security seed funding, Claroty report, patches from WatchGuard and Nokia. The post In Other News: 600k Hit by Healthcare Breaches, Major ShinyHunters Hacks, DeepSeek’s Coding Bias appeared first on SecurityWeek.
A proxy network known as REM Proxy is powered by malware known as SystemBC, offering about 80% of the botnet to its users, according to new findings from the Black Lotus Labs team at Lumen Technologies. “REM Proxy is a sizeable network, which also markets a pool of 20,000 MikrotikRead More »SystemBC Powers REM Proxy With 1,500 Daily VPS Victims Across 80 C2 Servers
Fortra has disclosed details of a critical security flaw in GoAnywhere Managed File Transfer (MFT) software that could result in the execution of arbitrary commands. The vulnerability, tracked as CVE-2025-10035, carries a CVSS score of 10.0, indicating maximum severity. “A deserialization vulnerability in the License Servlet of Fortra’s GoAnywhere MFTRead More »Fortra Releases Critical Patch for CVSS 10.0 GoAnywhere MFT Vulnerability
The phishing-as-a-service (PhaaS) offering known as Lighthouse and Lucid has been linked to more than 17,500 phishing domains targeting 316 brands from 74 countries. “Phishing-as-a-Service (PhaaS) deployments have risen significantly recently,” Netcraft said in a new report. “The PhaaS operators charge a monthly fee for phishing software with pre-installed templatesRead More »17,500 Phishing Domains Target 316 Brands Across 74 Countries in Global PhaaS Surge
Turla malware was deployed in February on select systems that Gamaredon had compromised in January. The post Turla and Gamaredon Working Together in Fresh Ukrainian Intrusions appeared first on SecurityWeek.
Hackers chained two Ivanti EPMM vulnerabilities to collect system information, dump credentials, and execute malware. The post CISA Analyzes Malware From Ivanti EPMM Intrusions appeared first on SecurityWeek.
The AI agent was able to solve different types of CAPTCHAs and adjusted its cursor movements to better mimic human behavior. The post ChatGPT Tricked Into Solving CAPTCHAs appeared first on SecurityWeek.
The Atlantic Council has published its second annual report: “Mythical Beasts: Diving into the depths of the global spyware market.” Too much good detail to summarize, but here are two items: First, the authors found that the number of US-based investors in spyware has notably increased in the past year,Read More »Surveying the Global Spyware Market
Run by the team at workflow orchestration and AI platform Tines, the Tines library features over 1,000 pre-built workflows shared by security practitioners from across the community – all free to import and deploy through the platform’s Community Edition. The workflow we are highlighting streamlines security alert handling by automaticallyRead More »How To Automate Alert Triage With AI Agents and Confluence SOPs Using Tines
Netskope has debuted on Nasdaq and its shares soared more than 18%, bringing the company’s value to $8.6 billion. The post Netskope Raises Over $908 Million in IPO appeared first on SecurityWeek.
