Details from leaked documents: While people often look at China’s Great Firewall as a single, all-powerful government system unique to China, the actual process of developing and maintaining it works the same way as surveillance technology in the West. Geedge collaborates with academic institutions on research and development, adapts itsRead More »Details About Chinese Surveillance and Propaganda Companies
We hear this a lot: “We’ve got hundreds of service accounts and AI agents running in the background. We didn’t create most of them. We don’t know who owns them. How are we supposed to secure them?” Every enterprise today runs on more than users. Behind the scenes, thousands ofRead More »How to Gain Control of AI Agents and Non-Human Identities
Threat actors rely on malicious GitHub repositories to infect LastPass’s macOS users with the Atomic infostealer. The post Widespread Infostealer Campaign Targeting macOS Users appeared first on SecurityWeek.
Threat actors likely spoofed the official government website for personal information theft and monetary fraudulent activity. The post FBI Warns of Spoofed IC3 Website appeared first on SecurityWeek.
Tracked as CVE-2025-10035 (CVSS score of 10), the critical deserialization vulnerability could be exploited for command injection. The post Fortra Patches Critical GoAnywhere MFT Vulnerability appeared first on SecurityWeek.
After Scattered Spider claimed to retire, research suggests the group has already returned to target the financial sector.
A critical token validation failure in Microsoft Entra ID (previously Azure Active Directory) could have allowed attackers to impersonate any user, including Global Administrators, across any tenant. The vulnerability, tracked as CVE-2025-55241, has been assigned the maximum CVSS score of 10.0. It has been described by Microsoft as a privilegeRead More »Microsoft Patches Critical Entra ID Flaw Enabling Global Admin Impersonation Across Tenants
The cyberattack affected software of Collins Aerospace, whose systems help passengers check in, print boarding passes and bag tags, and dispatch their luggage. The post Airport Cyberattack Disrupts More Flights Across Europe appeared first on SecurityWeek.
Threat actors with ties to the Democratic People’s Republic of Korea (aka DPRK or North Korea) have been observed leveraging ClickFix-style lures to deliver a known malware called BeaverTail and InvisibleFerret. “The threat actor used ClickFix lures to target marketing and trader roles in cryptocurrency and retail sector organizations ratherRead More »DPRK Hackers Use ClickFix to Deliver BeaverTail Malware in Crypto Job Scams
The disruptions to airport electronic systems meant that only manual check-in and boarding was possible. The post Cyberattack Disrupts Check-In Systems at Major European Airports appeared first on SecurityWeek.
