A critical-severity vulnerability in Teleport could allow remote attackers to bypass SSH authentication and access managed systems. The post Critical Authentication Bypass Flaw Patched in Teleport appeared first on SecurityWeek.
The personal information of 743,000 individuals was compromised in a 2024 ransomware attack on McLaren Health Care. The post 743,000 Impacted by McLaren Health Care Data Breach appeared first on SecurityWeek.
It sure is a hard time to be a SOC analyst. Every day, they are expected to solve high-consequence problems with half the data and twice the pressure. Analysts are overwhelmed—not just by threats, but by the systems and processes in place that are meant to help them respond. ToolingRead More »How AI-Enabled Workflow Automation Can Help SOCs Reduce Burnout
It was a recently unimaginable 7.3 Tbps: The vast majority of the attack was delivered in the form of User Datagram Protocol packets. Legitimate UDP-based transmissions are used in especially time-sensitive communications, such as those for video playback, gaming applications, and DNS lookups. It speeds up communications by not formallyRead More »Largest DDoS Attack to Date
Google has revealed the various safety measures that are being incorporated into its generative artificial intelligence (AI) systems to mitigate emerging attack vectors like indirect prompt injections and improve the overall security posture for agentic AI systems. “Unlike direct prompt injections, where an attacker directly inputs malicious commands into aRead More »Google Adds Multi-Layered Defenses to Secure GenAI from Prompt Injection Attacks
Iranian hackers are expected to intensify cyberattacks against the US after the recent air strikes on Iran’s nuclear sites. The post US Braces for Cyberattacks After Bombing Iranian Nuclear Sites appeared first on SecurityWeek.
Not every risk looks like an attack. Some problems start as small glitches, strange logs, or quiet delays that don’t seem urgent—until they are. What if your environment is already being tested, just not in ways you expected? Some of the most dangerous moves are hidden in plain sight. It’sRead More »⚡ Weekly Recap: Chrome 0-Day, 7.3 Tbps DDoS, MFA Bypass Tricks, Banking Trojan and More
Nucor has shared an update on the impact of the recent cyberattack and confirmed that some data has been taken from its IT systems. The post Steelmaker Nucor Says Hackers Stole Data in Recent Attack appeared first on SecurityWeek.
In January 2025, we uncovered the SparkCat spyware campaign, which was aimed at gaining access to victims’ crypto wallets. The threat actor distributed apps containing a malicious SDK/framework. This component would wait for a user to open a specific screen (typically a support chat), then request access to the device’sRead More »SparkKitty, SparkCat’s little brother: A new Trojan spy found in the App Store and Google Play
The April 2025 cyber attacks targeting U.K. retailers Marks & Spencer and Co-op have been classified as a “single combined cyber event.” That’s according to an assessment from the Cyber Monitoring Centre (CMC), a U.K.-based independent, non-profit body set up by the insurance industry to categorize major cyber events. “GivenRead More »Scattered Spider Behind Cyberattacks on M&S and Co-op, Causing Up to $592M in Damages
