Modern security teams often feel like they’re driving through fog with failing headlights. Threats accelerate, alerts multiply, and SOCs struggle to understand which dangers matter right now for their business. Breaking out of reactive defense is no longer optional. It’s the difference between preventing incidents and cleaning up after them.Read More »Fix SOC Blind Spots: See Threats to Your Industry & Country in Real Time
Led by Bain Capital Ventures, the investment round brings the total raised by the company to $146.5 million. The post Adaptive Security Raises $81 Million in Series B Funding appeared first on SecurityWeek.
The threat actor known as Jewelbug has been increasingly focusing on government targets in Europe since July 2025, even as it continues to attack entities located in Southeast Asia and South America. Check Point Research is tracking the cluster under the name Ink Dragon. It’s also referenced by the broaderRead More »China-Linked Ink Dragon Hacks Governments Using ShadowPad and FINALDRAFT Malware
The malware hijacks purchase commissions, tracks users, removes security headers, injects hidden iframes, and bypasses CAPTCHA. The post GhostPoster Firefox Extensions Hide Malware in Icons appeared first on SecurityWeek.
Introduction In March 2025, we discovered Operation ForumTroll, a series of sophisticated cyberattacks exploiting the CVE-2025-2783 vulnerability in Google Chrome. We previously detailed the malicious implants used in the operation: the LeetAgent backdoor and the complex spyware Dante, developed by Memento Labs (formerly Hacking Team). However, the attackers behind thisRead More »Operation ForumTroll continues: Russian political scientists targeted using plagiarism reports
LKQ said the personal information of thousands of individuals was compromised as a result of the hacker attack. The post Auto Parts Giant LKQ Confirms Oracle EBS Breach appeared first on SecurityWeek.
A new campaign named GhostPoster has leveraged logo files associated with 17 Mozilla Firefox browser add-ons to embed malicious JavaScript code designed to hijack affiliate links, inject tracking code, and commit click and ad fraud. The extensions have been collectively downloaded over 50,000 times, according to Koi Security, which discoveredRead More »GhostPoster Malware Found in 17 Firefox Add-ons with 50,000+ Downloads
The startup takes an agentic approach to preventing vulnerability exploitation by uncovering exposure across assets. The post Dux Emerges From Stealth Mode With $9 Million in Funding appeared first on SecurityWeek.
From open source libraries to AI-powered coding assistants, speed-driven development is introducing new third-party risks that threat actors are increasingly exploiting. The post From Open Source to OpenAI: The Evolution of Third-Party Risk appeared first on SecurityWeek.
An ongoing campaign has been observed targeting Amazon Web Services (AWS) customers using compromised Identity and Access Management (IAM) credentials to enable cryptocurrency mining. The activity, first detected by Amazon’s GuardDuty managed threat detection service and its automated security monitoring systems on November 2, 2025, employs never-before-seen persistence techniques toRead More »Compromised IAM Credentials Power a Large AWS Crypto Mining Campaign
