A newly patched security flaw impacting Broadcom VMware Tools and VMware Aria Operations has been exploited in the wild as a zero-day since mid-October 2024 by a threat actor called UNC5174, according to NVISO Labs. The vulnerability in question is CVE-2025-41244 (CVSS score: 7.8), a local privilege escalation bug affectingRead More »Urgent: China-Linked Hackers Exploit New VMware Zero-Day Since October 2024
The vulnerability could lead to a denial-of-service condition or memory corruption when a malicious font is processed. The post Apple Updates iOS and macOS to Prevent Malicious Font Attacks appeared first on SecurityWeek.
The incident has resulted in a system failure that impacted orders and shipments in Japan, and call center operations. The post Cyberattack on Beer Giant Asahi Disrupts Production appeared first on SecurityWeek.
Cybersecurity researchers have flagged a previously undocumented Android banking trojan called Datzbro that can conduct device takeover (DTO) attacks and perform fraudulent transactions by preying on the elderly. Dutch mobile security company ThreatFabric said it discovered the campaign in August 2025 after users in Australia reported scammers managing Facebook groupsRead More »New Android Trojan “Datzbro” Tricking Elderly with AI-Generated Facebook Travel Events
The world of enterprise technology is undergoing a dramatic shift. Gen-AI adoption is accelerating at an unprecedented pace, and SaaS vendors are embedding powerful LLMs directly into their platforms. Organizations are embracing AI-powered applications across every function, from marketing and development to finance and HR. This transformation unlocks innovation andRead More »Evolving Enterprise Defense to Secure the Modern AI Supply Chain
A Chinese national has been convicted for her role in a fraudulent cryptocurrency scheme after law enforcement authorities in the U.K. confiscated £5.5 billion (about $7.39 billion) during a raid of her home in London. The cryptocurrency seizure, amounting to 61,000 Bitcoin, is believed to be the single largest suchRead More »U.K. Police Just Seized £5.5 Billion in Bitcoin — The World’s Largest Crypto Bust
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Monday added a critical security flaw impacting the Sudo command-line utility for Linux and Unix-like operating systems to its Known Exploited Vulnerabilities (KEV) catalog, citing evidence of active exploitation in the wild. The vulnerability in question is CVE-2025-32463 (CVSS score: 9.3),Read More »CISA Sounds Alarm on Critical Sudo Flaw Actively Exploited in Linux and Unix Systems
The CISA is set to expire on September 30, 2025, raising urgent questions about risk, politics, and the future of threat intelligence. The post The Cybersecurity Information Sharing Act Faces Expiration appeared first on SecurityWeek.
Threat actors have been observed using seemingly legitimate artificial intelligence (AI) tools and software to sneakily slip malware for future attacks on organizations worldwide. According to Trend Micro, the campaign is using productivity or AI-enhanced tools to deliver malware targeting various regions, including Europe, the Americas, and the Asia, MiddleRead More »EvilAI Malware Masquerades as AI Tools to Infiltrate Global Organizations
WestJet, an Alberta Partnership and Canadian commercial airline headquartered in Calgary, Alberta has notified United States residents of a recent cybersecurity incident that may affect certain individuals’ personal information.
