Salt Typhoon Hacks National Guard Systems
The Department of Defense has discovered the National Guard Systems have been hacked by Salt Typhoon.
Critical NVIDIA Container Toolkit Flaw Allows Privilege Escalation on AI Cloud Services
Cybersecurity researchers have disclosed a critical container escape vulnerability in the NVIDIA Container Toolkit that could pose a severe threat to managed AI cloud services. The vulnerability, tracked as CVE-2025-23266, carries a CVSS score of 9.0 out of 10.0. It has been codenamed NVIDIAScape by Google-owned cloud security company Wiz.Read More »Critical NVIDIA Container Toolkit Flaw Allows Privilege Escalation on AI Cloud Services
CERT-UA Discovers LAMEHUG Malware Linked to APT28, Using LLM for Phishing Campaign
The Computer Emergency Response Team of Ukraine (CERT-UA) has disclosed details of a phishing campaign that’s designed to deliver a malware codenamed LAMEHUG. “An obvious feature of LAMEHUG is the use of LLM (large language model), used to generate commands based on their textual representation (description),” CERT-UA said in aRead More »CERT-UA Discovers LAMEHUG Malware Linked to APT28, Using LLM for Phishing Campaign
Fortinet FortiWeb Flaw Exploited in the Wild After PoC Publication
Dozens of FortiWeb instances have been hacked after PoC targeting a recent critical vulnerability was shared publicly. The post Fortinet FortiWeb Flaw Exploited in the Wild After PoC Publication appeared first on SecurityWeek.
1.4 Million Affected by Data Breach at Virginia Radiology Practice
Radiology Associates of Richmond has disclosed a data breach impacting protected health and personal information. The post 1.4 Million Affected by Data Breach at Virginia Radiology Practice appeared first on SecurityWeek.
New Mobile Phone Forensics Tool
The Chinese have a new tool called Massistant. Massistant is the presumed successor to Chinese forensics tool, “MFSocket”, reported in 2019 and attributed to publicly traded cybersecurity company, Meiya Pico. The forensics tool works in tandem with a corresponding desktop software. Massistant gains access to device GPS location data, SMSRead More »New Mobile Phone Forensics Tool
Google Sues 25 Chinese Entities Over BADBOX 2.0 Botnet Affecting 10M Android Devices
Google on Thursday revealed it’s pursuing legal action in New York federal court against 25 unnamed individuals or entities in China for allegedly operating BADBOX 2.0 botnet and residential proxy infrastructure. “The BADBOX 2.0 botnet compromised over 10 million uncertified devices running Android’s open-source software (Android Open Source Project), whichRead More »Google Sues 25 Chinese Entities Over BADBOX 2.0 Botnet Affecting 10M Android Devices
Fraud: A Growth Industry Powered by Gen-AI
With generative AI enabling fraud-as-a-service at scale, legacy defenses are crumbling. The next wave of cybercrime is faster, smarter, and terrifyingly synthetic. The post Fraud: A Growth Industry Powered by Gen-AI appeared first on SecurityWeek.
From Backup to Cyber Resilience: Why IT Leaders Must Rethink Backup in the Age of Ransomware
With IT outages and disruptions escalating, IT teams are shifting their focus beyond simply backing up data to maintaining operations during an incident. One of the key drivers behind this shift is the growing threat of ransomware, which continues to evolve in both frequency and complexity. Ransomware-as-a-Service (RaaS) platforms haveRead More »From Backup to Cyber Resilience: Why IT Leaders Must Rethink Backup in the Age of Ransomware
CitrixBleed 2: 100 Organizations Hacked, Thousands of Instances Still Vulnerable
The CitrixBleed 2 vulnerability in NetScaler may expose organizations to compromise even if patches have been applied. The post CitrixBleed 2: 100 Organizations Hacked, Thousands of Instances Still Vulnerable appeared first on SecurityWeek.