Noteworthy stories that might have slipped under the radar: drug cartel hires hacker to identify FBI informants, prison time for Russian ransomware developer, ransomware negotiator investigated. The post In Other News: Hacker Helps Kill Informants, Crylock Developer Sentenced, Ransomware Negotiator Probed appeared first on SecurityWeek.
Generative AI is changing how businesses work, learn, and innovate. But beneath the surface, something dangerous is happening. AI agents and custom GenAI workflows are creating new, hidden ways for sensitive enterprise data to leak—and most teams don’t even realize it. If you’re building, deploying, or managing AI systems, nowRead More »Your AI Agents Might Be Leaking Data — Watch this Webinar to Learn How to Stop It
Cybersecurity researchers have disclosed two security flaws in the Sudo command-line utility for Linux and Unix-like operating systems that could enable local attackers to escalate their privileges to root on susceptible machines. A brief description of the vulnerabilities is below – CVE-2025-32462 (CVSS score: 2.8) – Sudo before 1.9.17p1, whenRead More »Critical Sudo Vulnerabilities Let Local Users Gain Root Access on Linux, Impacting Major Distros
Google has been ordered by a court in the U.S. state of California to pay $314 million over charges that it misused Android device users’ cellular data when they were idle to passively send information to the company. The verdict marks an end to a legal class-action complaint that wasRead More »Google Ordered to Pay $314M for Misusing Android Users’ Cellular Data Without Permission
In May 2025, the U.S. government sanctioned a Chinese national for operating a cloud provider linked to the majority of virtual currency investment scam websites reported to the FBI. But a new report finds the accused continues to operate a slew of established accounts at American tech companies — includingRead More »Big Tech’s Mixed Response to U.S. Treasury Sanctions
A mobile ad fraud operation dubbed IconAds that consisted of 352 Android apps has been disrupted, according to a new report from HUMAN. The identified apps were designed to load out-of-context ads on a user’s screen and hide their icons from the device home screen launcher, making it harder forRead More »Massive Android Fraud Operations Uncovered: IconAds, Kaleidoscope, SMS Malware, NFC Scams
A vulnerability in the Catwatchful spyware allowed a security researcher to retrieve the usernames and passwords of over 62,000 accounts. The post Undetectable Android Spyware Backfires, Leaks 62,000 User Logins appeared first on SecurityWeek.
Hardcoded SSH credentials in Cisco Unified CM and Unified CM SME could allow attackers to execute commands as root. The post Cisco Warns of Hardcoded Credentials in Enterprise Software appeared first on SecurityWeek.
Once you build a surveillance system, you can’t control who will use it: A hacker working for the Sinaloa drug cartel was able to obtain an FBI official’s phone records and use Mexico City’s surveillance cameras to help track and kill the agency’s informants in 2018, according to a newRead More »Surveillance Used by a Drug Cartel
Cybersecurity researchers have uncovered over 40 malicious browser extensions for Mozilla Firefox that are designed to steal cryptocurrency wallet secrets, putting users’ digital assets at risk. “These extensions impersonate legitimate wallet tools from widely-used platforms such as Coinbase, MetaMask, Trust Wallet, Phantom, Exodus, OKX, Keplr, MyMonero, Bitget, Leap, Ethereum Wallet,Read More »Over 40 Malicious Firefox Extensions Target Cryptocurrency Wallets, Stealing User Assets
