Microsoft says the Chinese threat actors Linen Typhoon, Violet Typhoon, and Storm-2603 have been exploiting the ToolShell zero-days. The post Microsoft Says Chinese APTs Exploited ToolShell Zero-Days Weeks Before Patch appeared first on SecurityWeek.
Once a manageable function, security operations has become a battlefield of complexity. The post Reclaiming Control: How Enterprises Can Fix Broken Security Operations appeared first on SecurityWeek.
Microsoft has formally tied the exploitation of security flaws in internet-facing SharePoint Server instances to two Chinese hacking groups called Linen Typhoon and Violet Typhoon as early as July 7, 2025, corroborating earlier reports. The tech giant said it also observed a third China-based threat actor, which it tracks asRead More »Microsoft Links Ongoing SharePoint Exploits to Three Chinese Hacker Groups
Dell confirms the compromise of a demo environment containing synthetic data after hackers leak allegedly stolen information. The post Dell Says Data Leaked by Hackers Is Fake appeared first on SecurityWeek.
Eight vulnerabilities, including ones allowing full control over a device, have been discovered and patched in Helmholz REX 100 industrial routers. The post Vulnerabilities Expose Helmholz Industrial Routers to Hacking appeared first on SecurityWeek.
Cisco on Monday updated its advisory of a set of recently disclosed security flaws in Identity Services Engine (ISE) and ISE Passive Identity Connector (ISE-PIC) to acknowledge active exploitation. “In July 2025, the Cisco PSIRT [Product Security Incident Response Team], became aware of attempted exploitation of some of these vulnerabilitiesRead More »Cisco Confirms Active Exploits Targeting ISE Flaws Enabling Unauthenticated Root Access
Mexican organizations are still being targeted by threat actors to deliver a modified version of AllaKore RAT and SystemBC as part of a long-running campaign. The activity has been attributed by Arctic Wolf Labs to a financially motivated hacking group called Greedy Sponge. It’s believed to be active since earlyRead More »Credential Theft and Remote Access Surge as AllaKore, PureRAT, and Hijack Loader Proliferate
AI-powered cybersecurity company Darktrace has acquired network traffic visibility provider Mira Security. The post Darktrace Acquires Mira Security appeared first on SecurityWeek.
Security leaders share their insights on the Qantas data breach.
Dior says hackers accessed personal information in a January 2025 intrusion. No payment information was compromised. The post Dior Says Personal Information Stolen in Cyberattack appeared first on SecurityWeek.
