The CitrixBleed 2 vulnerability in NetScaler may expose organizations to compromise even if patches have been applied. The post CitrixBleed 2: 100 Organizations Hacked, Thousands of Instances Still Vulnerable appeared first on SecurityWeek.
Google has filed a lawsuit against the Badbox 2.0 botnet operators, after identifying over 10 million infected Android devices. The post Google Sues Operators of 10-Million-Device Badbox 2.0 Botnet appeared first on SecurityWeek.
Wiz researchers discovered NVIDIAScape, an Nvidia Container Toolkit flaw that can be exploited for full control of the host machine. The post Critical Nvidia Toolkit Flaw Exposes AI Cloud Services to Hacking appeared first on SecurityWeek.
Anne Arundel Dermatology said hackers had access to its systems for three months and may have stolen personal and health information. The post Anne Arundel Dermatology Data Breach Impacts 1.9 Million People appeared first on SecurityWeek.
A settlement has been reached in the class action brought by investors against Meta over the Cambridge Analytica incident, but details have not been shared. The post Settlement Reached in Investors’ Lawsuit Against Meta CEO Mark Zuckerberg and Other Company Leaders appeared first on SecurityWeek.
Security researchers recently revealed that the personal information of millions of people who applied for jobs at McDonald’s was exposed after they guessed the password (“123456”) for the fast food chain’s account at Paradox.ai, a company that makes artificial intelligence based hiring chatbots used by many Fortune 500 firms. Paradox.aiRead More »Poor Passwords Tattle on AI Hiring Bot Maker Paradox.ai
Threat actors are leveraging public GitHub repositories to host malicious payloads and distribute them via Amadey as part of a campaign observed in April 2025. “The MaaS [malware-as-a-service] operators used fake GitHub accounts to host payloads, tools, and Amadey plug-ins, likely as an attempt to bypass web filtering and forRead More »Hackers Use GitHub Repositories to Host Amadey Malware and Data Stealers, Bypassing Filters
Cybersecurity researchers have discovered a new campaign that exploits a known security flaw impacting Apache HTTP Server to deliver a cryptocurrency miner called Linuxsys. The vulnerability in question is CVE-2021-41773 (CVSS score: 7.5), a high-severity path traversal vulnerability in Apache HTTP Server version 2.4.49 that could result in remote codeRead More »Hackers Exploit Apache HTTP Server Flaw to Deploy Linuxsys Cryptocurrency Miner
.webp?1752757003)
A report reveals that while 83% of U.S. business leaders are fast-tracking AI and automation initiatives in response to trade uncertainty, 69% remain stuck in tactical reactions or have frozen strategic investments.
Cybersecurity startup Empirical Security has raised $12 million in seed funding for its vulnerability management platform. The post Empirical Security Raises $12 Million for AI-Driven Vulnerability Management appeared first on SecurityWeek.
