The tech giant has rolled out fixes for 173 CVEs, including five critical-severity security defects. The post Microsoft Patches 173 Vulnerabilities, Including Exploited Windows Flaws appeared first on SecurityWeek.
Trend™ Research has uncovered an attack campaign exploiting the Cisco SNMP vulnerability CVE-2025-20352, allowing remote code execution and rootkit deployment on unprotected devices, with impacts observed on Cisco 9400, 9300, and legacy 3750G series.
Microsoft today released software updates to plug a whopping 172 security holes in its Windows operating systems, including at least two vulnerabilities that are already being actively exploited. October’s Patch Tuesday also marks the final month that Microsoft will ship security updates for Windows 10 systems. If you’re running aRead More »Patch Tuesday, October 2025 ‘End of 10’ Edition
Approximately 180,000 records containing PII and payment data were exposed.
Threat actors with ties to China have been attributed to a novel campaign that compromised an ArcGIS system and turned it into a backdoor for more than a year. The activity, per ReliaQuest, is the handiwork of a Chinese state-sponsored hacking group called Flax Typhoon, which is also tracked asRead More »Chinese Hackers Exploit ArcGIS Server as Backdoor for Over a Year
This is a current list of where and when I am scheduled to speak: I and Nathan E. Sanders will be giving a book talk on Rewiring Democracy at the Harvard Kennedy School’s Ash Center in Cambridge, Massachusetts, USA, on October 22, 2025 at noon ET. I and Nathan E. SandersRead More »Upcoming Speaking Engagements
Investors are placing bets on a hardware-based approach to data security in a market dominated by software solutions for ransomware resilience. The post HyperBunker Raises Seed Funding to Launch Next-Generation Anti-Ransomware Device appeared first on SecurityWeek.
This is LevelBlue’s third acquisition this year, after Trustwave and Aon’s Cybersecurity & IP Litigation Consulting groups. The post Cybereason to be Acquired by MSSP Giant LevelBlue appeared first on SecurityWeek.
SAP has rolled out additional protections for insecure deserialization bugs resolved in NetWeaver AS Java recently. The post SAP Patches Critical Vulnerabilities in NetWeaver, Print Service, SRM appeared first on SecurityWeek.
Resistant AI will use the funding to expand its fraud detection and transaction monitoring offerings to new markets. The post Fraud Prevention Firm Resistant AI Raises $25 Million appeared first on SecurityWeek.
