CISA updated 59 KEV entries in 2025 to specify that the vulnerabilities have been exploited in ransomware attacks. The post Concerns Raised Over CISA’s Silent Ransomware Updates in KEV Catalog appeared first on SecurityWeek.
Zscaler says the acquisition will allow customers to embed lightweight extensions into any browser, providing increased security and eliminating the need for third-party browsers. The post Zscaler Acquires Browser Security Firm SquareX appeared first on SecurityWeek.
Discover why Government and Education must prioritize Cyber Risk Management.
The distributed denial-of-service (DDoS) botnet known as AISURU/Kimwolf has been attributed to a record-setting attack that peaked at 31.4 Terabits per second (Tbps) and lasted only 35 seconds. Cloudflare, which automatically detected and mitigated the activity, said it’s part of a growing number of hyper-volumetric HTTP DDoS attacks mounted byRead More »AISURU/Kimwolf Botnet Launches Record-Setting 31.4 Tbps DDoS Attack
CISOs analyze Winter Olympic threats such as phishing, fraud and more.
The hacker claims to have stolen nearly 700,000 Substack user records, including email addresses and phone numbers. The post Substack Discloses Security Incident After Hacker Leaks Data appeared first on SecurityWeek.
Criminals are using AI to clone professional websites at an industrial scale. A new report shows how one AI-powered network grew to 150+ domains by hiding behind Cloudflare and rotating IP ranges. The post Researchers Expose Network of 150 Cloned Law Firm Websites in AI-Powered Scam Campaign appeared first onRead More »Researchers Expose Network of 150 Cloned Law Firm Websites in AI-Powered Scam Campaign
VS Code-integrated configuration files are automatically executed in Codespaces when the user opens a repository or pull request. The post VS Code Configs Expose GitHub Codespaces to Attacks appeared first on SecurityWeek.
This latest infusion, led by SYN Ventures, brings the company’s total funding to $16.9 million. The post Nullify Secures $12.5 Million in Seed Funding for Cybersecurity AI Workforce appeared first on SecurityWeek.
This week didn’t produce one big headline. It produced many small signals — the kind that quietly shape what attacks will look like next. Researchers tracked intrusions that start in ordinary places: developer workflows, remote tools, cloud access, identity paths, and even routine user actions. Nothing looked dramatic on theRead More »ThreatsDay Bulletin: Codespaces RCE, AsyncRAT C2, BYOVD Abuse, AI Cloud Intrusions & 15+ Stories
