Cryptocurrency mining operation hits exposed Consul dashboards, Docker Engine APIs and Gitea code-hosting instances to push Monero miner. The post Cryptojackers Caught Mining Monero via Exposed DevOps Infrastructure appeared first on SecurityWeek.

Chipmaker says there are indications from Google Threat Analysis Group that a trio of flaws “may be under limited, targeted exploitation.” The post Qualcomm Flags Exploitation of Adreno GPU Flaws, Urges OEMs to Patch Urgently appeared first on SecurityWeek.

Exploitation of the vBulletin vulnerability tracked as CVE-2025-48827 and CVE-2025-48828 started shortly after disclosure. The post vBulletin Vulnerability Exploited in the Wild appeared first on SecurityWeek.

A new Australian law requires larger companies to declare any ransomware payments they have made.

Security researchers flag two phishing campaigns abusing Firebase and Google Apps Script to host malware and fake login pages. The post Firebase, Google Apps Script Abused in Fresh Phishing Campaigns appeared first on SecurityWeek.

The US Treasury Department US has slapped sanctions on Funnull Technology for providing support to cryptocurrency investment scams. The post US Sanctions Philippine Company for Supporting Crypto Scams appeared first on SecurityWeek.