The ransomware attack on the pathology services provider disrupted operations at several London hospitals. The post Synnovis Confirms Patient Information Stolen in Disruptive Ransomware Attack appeared first on SecurityWeek.
Malware families like Rhadamanthys Stealer, Venom RAT, and the Elysium botnet have been disrupted as part of a coordinated law enforcement operation led by Europol and Eurojust. The activity, which is taking place between November 10 and 13, 2025, marks the latest phase of Operation Endgame, an ongoing operation designedRead More »Operation Endgame Dismantles Rhadamanthys, Venom RAT, and Elysium Botnet in Global Crackdown
Behind every click, there’s a risk waiting to be tested. A simple ad, email, or link can now hide something dangerous. Hackers are getting smarter, using new tools to sneak past filters and turn trusted systems against us. But security teams are fighting back. They’re building faster defenses, better waysRead More »ThreatsDay Bulletin: Cisco 0-Days, AI Bug Bounties, Crypto Heists, State-Linked Leaks and 20 More Stories
Amazon has seen a threat actor exploiting CVE-2025-20337 and CVE-2025-5777, two critical Cisco and Citrix vulnerabilities, as zero-days. The post Cisco ISE, CitrixBleed 2 Vulnerabilities Exploited as Zero-Days: Amazon appeared first on SecurityWeek.
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Wednesday added a critical security flaw impacting WatchGuard Fireware to its Known Exploited Vulnerabilities (KEV) catalog, based on evidence of active exploitation. The vulnerability in question is CVE-2025-9242 (CVSS score: 9.3), an out-of-bounds write vulnerability affecting Fireware OS 11.10.2 up toRead More »CISA Flags Critical WatchGuard Fireware Flaw Exposing 54,000 Fireboxes to No-Login Attacks
Google and Mozilla have released fresh Chrome and Firefox updates that address multiple high-severity security defects. The post Firefox 145 and Chrome 142 Patch High-Severity Flaws in Latest Releases appeared first on SecurityWeek.
Cybersecurity researchers are calling attention to a large-scale spam campaign that has flooded the npm registry with thousands of fake packages since early 2024 as part of a likely financially motivated effort. “The packages were systematically published over an extended period, flooding the npm registry with junk packages that survivedRead More »Over 67,000 Fake npm Packages Flood Registry in Worm-Like Spam Attack
In this blog entry, Trend™ Research analyses the layered command-and-control approaches that Lumma Stealer uses to maintain its ongoing operations while enhancing collection of victim-environment data.
NTT’s chief cybersecurity strategist Mihoko Matsubara on the new geopolitics of hacking, the “chicken and egg” problem of 5G, and the AGI threat to society. The post China’s Cyber Silence is More Worrying Than Russia’s Noise, Chief Cybersecurity Strategist Says appeared first on SecurityWeek.
Google has filed a civil lawsuit in the U.S. District Court for the Southern District of New York (SDNY) against China-based hackers who are behind a massive Phishing-as-a-Service (PhaaS) platform called Lighthouse that has ensnared over 1 million users across 120 countries. The PhaaS kit is used to conduct large-scaleRead More » Google Sues China-Based Hackers Behind $1 Billion Lighthouse Phishing Platform
