Microsoft on Monday disclosed that it automatically detected and neutralized a distributed denial-of-service (DDoS) attack targeting a single endpoint in Australia that measured 5.72 terabits per second (Tbps) and nearly 3.64 billion packets per second (pps). The tech giant said it was the largest DDoS attack ever observed in theRead More »Microsoft Mitigates Record 5.72 Tbps DDoS Attack Driven by AISURU Botnet
The flaw was reported by Google’s Threat Analysis Group and was likely exploited by a commercial spyware vendor. The post Chrome 142 Update Patches Exploited Zero-Day appeared first on SecurityWeek.
Google on Monday released security updates for its Chrome browser to address two security flaws, including one that has come under active exploitation in the wild. The vulnerability in question is CVE-2025-13223 (CVSS score: 8.8), a type confusion vulnerability in the V8 JavaScript and WebAssembly engine that could be exploitedRead More »Google Issues Security Fix for Actively Exploited Chrome V8 Zero-Day Vulnerability
Cybersecurity researchers have discovered malware campaigns using the now-prevalent ClickFix social engineering tactic to deploy Amatera Stealer and NetSupport RAT. The activity, observed this month, is being tracked by eSentire under the moniker EVALUSION. First spotted in June 2025, Amatera is assessed to be an evolution of ACR (short forRead More »New EVALUSION ClickFix Campaign Delivers Amatera Stealer and NetSupport RAT
The state-sponsored APT has been targeting the victims’ family members to increase pressure on their targets. The post Iranian Hackers Target Defense and Government Officials in Ongoing Campaign appeared first on SecurityWeek.
Names, addresses, email addresses, and phone numbers were compromised after an employee fell for a social engineering attack. The post DoorDash Says Personal Information Stolen in Data Breach appeared first on SecurityWeek.
Audricus Phagnasay, Jason Salazar, Alexander Paul Travis, Erick Ntekereze, and Oleksandr Didenko have pleaded guilty. The post 5 Plead Guilty in US to Helping North Korean IT Workers appeared first on SecurityWeek.
This week showed just how fast things can go wrong when no one’s watching. Some attacks were silent and sneaky. Others used tools we trust every day — like AI, VPNs, or app stores — to cause damage without setting off alarms. It’s not just about hacking anymore. Criminals areRead More »⚡ Weekly Recap: Fortinet Exploited, China’s AI Hacks, PhaaS Empire Falls & More
The next three in this series on online events highlighting interesting uses of AI in cybersecurity are online: #4, #5, and #6. Well worth watching.
Phishing attacks are no longer confined to the email inbox, with 1 in 3 phishing attacks now taking place over non-email channels like social media, search engines, and messaging apps. LinkedIn in particular has become a hotbed for phishing attacks, and for good reason. Attackers are running sophisticated spear-phishing attacksRead More »5 Reasons Why Attackers Are Phishing Over LinkedIn
