Protecting Critical Infrastructure With Limited Funding
In this episode of Lock It Down with Security Magazine, Associate Editor Taelor Sutherland speaks with Chetrice Romero, a senior cybersecurity advisor at Ice Miller.
Virtual Event Today: Zero Trust & Identity Strategies Summit
Join the virtual event we dive into the world of digital identity management and the role of zero-trust principles and associated technologies. The post Virtual Event Today: Zero Trust & Identity Strategies Summit appeared first on SecurityWeek.
Chinese Hackers Weaponize Open-Source Nezha Tool in New Attack Wave
Threat actors with suspected ties to China have turned a legitimate open-source monitoring tool called Nezha into an attack weapon, using it to deliver a known malware called Gh0st RAT to targets. The activity, observed by cybersecurity company Huntress in August 2025, is characterized by the use of an unusualRead More »Chinese Hackers Weaponize Open-Source Nezha Tool in New Attack Wave
Google DeepMind’s New AI Agent Finds and Fixes Vulnerabilities
The new product is called CodeMender and it can rewrite vulnerable code to prevent future exploits. The post Google DeepMind’s New AI Agent Finds and Fixes Vulnerabilities appeared first on SecurityWeek.
Google Offers Up to $20,000 in New AI Bug Bounty Program
The company has updated the program’s scope and has combined the rewards for abuse and security issues into a single table. The post Google Offers Up to $20,000 in New AI Bug Bounty Program appeared first on SecurityWeek.
Step Into the Password Graveyard… If You Dare (and Join the Live Session)
Every year, weak passwords lead to millions in losses — and many of those breaches could have been stopped. Attackers don’t need advanced tools; they just need one careless login. For IT teams, that means endless resets, compliance struggles, and sleepless nights worrying about the next credential leak. This Halloween,Read More »Step Into the Password Graveyard… If You Dare (and Join the Live Session)
LockBit, Qilin, and DragonForce Join Forces to Dominate the Ransomware Ecosystem
Three prominent ransomware groups DragonForce, LockBit, and Qilin have announced a new strategic ransomware alliance, once underscoring continued shifts in the cyber threat landscape. The coalition is seen as an attempt on the part of the financially motivated threat actors to conduct more effective ransomware attacks, ReliaQuest said in aRead More »LockBit, Qilin, and DragonForce Join Forces to Dominate the Ransomware Ecosystem
North Korean Hackers Have Stolen $2 Billion in Cryptocurrency in 2025
The hackers are believed to have stolen over $6 billion for the Pyongyang regime, financing its military programs. The post North Korean Hackers Have Stolen $2 Billion in Cryptocurrency in 2025 appeared first on SecurityWeek.
Severe Figma MCP Vulnerability Lets Hackers Execute Code Remotely — Patch Now
Cybersecurity researchers have disclosed details of a now-patched vulnerability in the popular figma-developer-mcp Model Context Protocol (MCP) server that could allow attackers to achieve code execution. The vulnerability, tracked as CVE-2025-53967 (CVSS score: 7.5), is a command injection bug stemming from the unsanitized use of user input, opening the doorRead More »Severe Figma MCP Vulnerability Lets Hackers Execute Code Remotely — Patch Now
Radiflow Unveils New OT Security Platform
Radiflow360 provides enhanced visibility, risk management, and incident response capabilities for mid-sized industrial enterprises. The post Radiflow Unveils New OT Security Platform appeared first on SecurityWeek.