New Ransomware Charon Uses Earth Baxia APT Techniques to Target Enterprises
We uncovered a campaign that makes use of Charon, a new ransomware family, and advanced APT-style techniques to target organizations with customized ransom demands.
New TETRA Radio Encryption Flaws Expose Law Enforcement Communications
Cybersecurity researchers have discovered a fresh set of security issues in the Terrestrial Trunked Radio (TETRA) communications protocol, including in its proprietary end-to-end encryption (E2EE) mechanism that exposes the system to replay and brute-force attacks, and even decrypt encrypted traffic. Details of the vulnerabilities – dubbed 2TETRA:2BURST – were presentedRead More »New TETRA Radio Encryption Flaws Expose Law Enforcement Communications
Researchers Spot Surge in Erlang/OTP SSH RCE Exploits, 70% Target OT Firewalls
Malicious actors have been observed exploiting a now-patched critical security flaw impacting Erlang/Open Telecom Platform (OTP) SSH as early as beginning of May 2025, with about 70% of detections originating from firewalls protecting operational technology (OT) networks. The vulnerability in question is CVE-2025-32433 (CVSS score: 10.0), a missing authentication issueRead More »Researchers Spot Surge in Erlang/OTP SSH RCE Exploits, 70% Target OT Firewalls
Chrome Sandbox Escape Earns Researcher $250,000
A researcher has been given the highest reward in Google’s Chrome bug bounty program for a sandbox escape with remote code execution. The post Chrome Sandbox Escape Earns Researcher $250,000 appeared first on SecurityWeek.
Managing the Trust-Risk Equation in AI: Predicting Hallucinations Before They Strike
New physics-based research suggests large language models could predict when their own answers are about to go wrong — a potential game changer for trust, risk, and security in AI-driven systems. The post Managing the Trust-Risk Equation in AI: Predicting Hallucinations Before They Strike appeared first on SecurityWeek.
UK Warns That Sharing Shoplifters’ Photos May Violate GDPR
The U.K. data watchdog warns that sharing images of shoplifters online or in store windows may violate their rights under GDPR laws.
Connex Credit Union Data Breach Impacts 172,000 People
Hackers targeted Connex, one of the largest credit unions in Connecticut, and likely stole files containing personal information. The post Connex Credit Union Data Breach Impacts 172,000 People appeared first on SecurityWeek.
⚡ Weekly Recap: BadCam Attack, WinRAR 0-Day, EDR Killer, NVIDIA Flaws, Ransomware Attacks & More
This week, cyber attackers are moving quickly, and businesses need to stay alert. They’re finding new weaknesses in popular software and coming up with clever ways to get around security. Even one unpatched flaw could let attackers in, leading to data theft or even taking control of your systems. TheRead More »⚡ Weekly Recap: BadCam Attack, WinRAR 0-Day, EDR Killer, NVIDIA Flaws, Ransomware Attacks & More
Flaws in Major Automaker’s Dealership Systems Allowed Car Hacking, Personal Data Theft
A researcher has demonstrated how a platform used by over 1,000 dealerships in the US could have been used to hack cars. The post Flaws in Major Automaker’s Dealership Systems Allowed Car Hacking, Personal Data Theft appeared first on SecurityWeek.
6 Lessons Learned: Focusing Security Where Business Value Lives
The Evolution of Exposure Management Most security teams have a good sense of what’s critical in their environment. What’s harder to pin down is what’s business-critical. These are the assets that support the processes the business can’t function without. They’re not always the loudest or most exposed. They’re the onesRead More »6 Lessons Learned: Focusing Security Where Business Value Lives