Other noteworthy stories that might have slipped under the radar: Canada’s House of Commons hacked, Russia behind court system attack, Pennsylvania AG targeted in cyberattack. The post In Other News: Critical Zoom Flaw, City’s Water Threatened by Hack, $330 Billion OT Cyber Risk appeared first on SecurityWeek.
An Erlang/OTP vulnerability has been exploited in the wild, with a majority of attempts targeting OT environments.
The U.S. Department of the Treasury’s Office of Foreign Assets Control (OFAC) on Thursday renewed sanctions against Russian cryptocurrency exchange platform Garantex for facilitating ransomware actors and other cybercriminals by processing more than $100 million in transactions linked to illicit activities since 2019. The Treasury said it’s also imposing sanctionsRead More »U.S. Sanctions Garantex and Grinex Over $100M in Ransomware-Linked Illicit Crypto Transactions
Porn sites are hiding code in .svg files: Unpacking the attack took work because much of the JavaScript in the .svg images was heavily obscured using a custom version of “JSFuck,” a technique that uses only a handful of character types to encode JavaScript into a camouflaged wall of text.Read More »Trojans Embedded in .svg Files
We used to think of privacy as a perimeter problem: about walls and locks, permissions, and policies. But in a world where artificial agents are becoming autonomous actors — interacting with data, systems, and humans without constant oversight — privacy is no longer about control. It’s about trust. And trust,Read More »Zero Trust + AI: Privacy in the Age of Agentic AI
With cybersecurity budgets strained, organizations are turning to AI-powered automation to plug staffing gaps, maintain defenses, and survive escalating threats. The post Tight Cybersecurity Budgets Accelerate the Shift to AI-Driven Defense appeared first on SecurityWeek.
Android pKVM has achieved SESIP Level 5 certification, which means it’s resistant to highly skilled, motivated, and funded attackers. The post Google Says Android pKVM Earns Highest Level of Security Assurance appeared first on SecurityWeek.
Rockwell Automation has published several advisories describing critical and high-severity vulnerabilities affecting its products. The post Critical Flaws Patched in Rockwell FactoryTalk, Micro800, ControlLogix Products appeared first on SecurityWeek.
Cisco has released over 20 advisories as part of its August 2025 bundled publication for ASA, FMC and FTD products. The post Cisco Patches Critical Vulnerability in Firewall Management Platform appeared first on SecurityWeek.
Cisco has released security updates to address a maximum-severity security flaw in Secure Firewall Management Center (FMC) Software that could allow an attacker to execute arbitrary code on affected systems. The vulnerability, assigned the CVE identifier CVE-2025-20265 (CVSS score: 10.0), affects the RADIUS subsystem implementation that could permit an unauthenticated,Read More »Cisco Warns of CVSS 10.0 FMC RADIUS Flaw Allowing Remote Code Execution
