Chrome 142 Update Patches High-Severity Flaws
An out-of-bounds write flaw in WebGPU tracked as CVE-2025-12725 could be exploited for remote code execution. The post Chrome 142 Update Patches High-Severity Flaws appeared first on SecurityWeek.
Enterprise Credentials at Risk – Same Old, Same Old?
Imagine this: Sarah from accounting gets what looks like a routine password reset email from your organization’s cloud provider. She clicks the link, types in her credentials, and goes back to her spreadsheet. But unknown to her, she’s just made a big mistake. Sarah just accidentally handed over her loginRead More »Enterprise Credentials at Risk – Same Old, Same Old?
Destructive Russian Cyberattacks on Ukraine Expand to Grain Sector
Multiple state-sponsored Russian groups are targeting Ukrainian entities and European countries linked to Ukraine. The post Destructive Russian Cyberattacks on Ukraine Expand to Grain Sector appeared first on SecurityWeek.
Google Launches New Maps Feature to Help Businesses Report Review-Based Extortion Attempts
Google on Thursday said it’s rolling out a dedicated form to allow businesses listed on Google Maps to report extortion attempts made by threat actors who post inauthentic bad reviews on the platform and demand ransoms to remove the negative comments. The approach is designed to tackle a common practiceRead More »Google Launches New Maps Feature to Help Businesses Report Review-Based Extortion Attempts
18 Arrested in Crackdown on Credit Card Fraud Rings
Between 2016 and 2021, the suspects defrauded 4.3 million cardholders in 193 countries of €300 million (~$346 million). The post 18 Arrested in Crackdown on Credit Card Fraud Rings appeared first on SecurityWeek.
Vibe-Coded Malicious VS Code Extension Found with Built-In Ransomware Capabilities
Cybersecurity researchers have flagged a malicious Visual Studio Code (VS Code) extension with basic ransomware capabilities that appears to be created with the help of artificial intelligence – in other words, vibe-coded. Secure Annex researcher John Tuckner, who flagged the extension “susvsex,” said it does not attempt to hide itsRead More »Vibe-Coded Malicious VS Code Extension Found with Built-In Ransomware Capabilities
Researchers Hack ChatGPT Memories and Web Search Features
Tenable researchers discovered seven vulnerabilities, including ones affecting the latest GPT model. The post Researchers Hack ChatGPT Memories and Web Search Features appeared first on SecurityWeek.
Trojanized ESET Installers Drop Kalambur Backdoor in Phishing Attacks on Ukraine
A previously unknown threat activity cluster has been observed impersonating Slovak cybersecurity company ESET as part of phishing attacks targeting Ukrainian entities. The campaign, detected in May 2025, is tracked by the security outfit under the moniker InedibleOchotense, describing it as Russia-aligned. “InedibleOchotense sent spear-phishing emails and Signal text messages,Read More »Trojanized ESET Installers Drop Kalambur Backdoor in Phishing Attacks on Ukraine
Cisco Warns of New Firewall Attack Exploiting CVE-2025-20333 and CVE-2025-20362
Cisco on Wednesday disclosed that it became aware of a new attack variant that’s designed to target devices running Cisco Secure Firewall Adaptive Security Appliance (ASA) Software and Cisco Secure Firewall Threat Defense (FTD) Software releases that are susceptible to CVE-2025-20333 and CVE-2025-20362. “This attack can cause unpatched devices toRead More »Cisco Warns of New Firewall Attack Exploiting CVE-2025-20333 and CVE-2025-20362
Truffle Security Raises $25 Million for Secret Scanning Engine
The investment will fuel the development of Truffle’s enterprise-grade secrets detection, verification, and remediation platform. The post Truffle Security Raises $25 Million for Secret Scanning Engine appeared first on SecurityWeek.