The U.S. Department of the Treasury’s Office of Foreign Assets Control (OFAC) on Tuesday sanctioned a member of a North Korean hacking group called Andariel for their role in the infamous remote information technology (IT) worker scheme. The Treasury said Song Kum Hyok, a 38-year-old North Korean national with anRead More »U.S. Sanctions North Korean Andariel Hacker Behind Fraudulent IT Worker Scheme
This time it’s the Swedish prime minister’s bodyguards. (Last year, it was the US Secret Service and Emmanuel Macron’s bodyguards. in 2018, it was secret US military bases.) This is ridiculous. Why do people continue to make their data public?
Industrial solutions providers Siemens, Schneider Electric and Phoenix Contact have released July 2025 Patch Tuesday ICS security advisories. The post ICS Patch Tuesday: Vulnerabilities Addressed by Siemens, Schneider, Phoenix Contact appeared first on SecurityWeek.
Run by the team at workflow orchestration and AI platform Tines, the Tines library features over 1,000 pre-built workflows shared by security practitioners from across the community – all free to import and deploy through the platform’s Community Edition. A recent standout is a workflow that handles malware alerts withRead More »How To Automate Ticket Creation, Device Identification and Threat Triage With Tines
Multiple vulnerabilities in Ruckus Wireless management products could be exploited to fully compromise the managed environments. The post Unpatched Ruckus Vulnerabilities Allow Wireless Environment Hacking appeared first on SecurityWeek.
Nova Scotia Power is notifying individuals affected by the recent data breach, including in the United States. The post Canadian Electric Utility Says Power Meters Disrupted by Cyberattack appeared first on SecurityWeek.
A Chinese national has been arrested in Milan, Italy, for his alleged links to a state-sponsored hacking group known as Silk Typhoon and for carrying out cyber attacks against American organizations and government agencies. The 33-year-old, Xu Zewei, has been charged with nine counts of wire fraud and conspiracy toRead More »Chinese Hacker Xu Zewei Arrested for Ties to Silk Typhoon Group and U.S. Cyber Attacks
Ivanti, Fortinet, and Splunk have released patches for critical- and high-severity vulnerabilities in their products. The post Ivanti, Fortinet, Splunk Release Security Updates appeared first on SecurityWeek.
For the first time in 2025, Microsoft’s Patch Tuesday updates did not bundle fixes for exploited security vulnerabilities, but the company acknowledged one of the addressed flaws had been publicly known. The patches resolve a whopping 130 vulnerabilities, along with 10 other non-Microsoft CVEs that affect Visual Studio, AMD, andRead More »Microsoft Patches 130 Vulnerabilities, Including Critical Flaws in SPNEGO and SQL Server
Xu Zewei has been arrested on charges that he is a member of the Chinese state-sponsored hacking group Hafnium (Silk Typhoon). The post Alleged Chinese State Hacker Wanted by US Arrested in Italy appeared first on SecurityWeek.
