SecurityWeek22h
In Other News: Bank of America Warns of Data Breach, Trucking Cybersecurity, Treasury Hack Linked to Silk Typhoon
Microsoft has released fixes for high-severity flaws in Azure SaaS Resources and Purview (no user action required), while ...
SecurityWeek23h
Banshee macOS Malware Expands Targeting
The latest version of the Banshee macOS information stealer no longer checks if the infected systems have the Russian ...
SecurityWeek1d
Microsoft DRM Hacking Raises Questions on Vulnerability Disclosures
A research project into vulnerabilities affecting Microsoft’s PlayReady DRM raises some questions on responsible disclosure.
SecurityWeek1d
PayPal Phishing Campaign Employs Genuine Links to Take Over Accounts
If the user attempts to log in, however, the page automatically links the victim’s PayPal account with the email address of ...
SecurityWeek18h
Meloni Says Italy Is Exploring Deals on Telecoms Security, but Denies Private Talks With Musk
Italy’s Premier Giorgia Meloni said the Italian government is in talks with Elon Musk’s SpaceX, over Italy's telecoms security system.
SecurityWeek23h
Major Addiction Treatment Firm BayMark Confirms Ransomware Attack Caused Data Breach
Substance abuse treatment provider BayMark Health Services says patient personal information was compromised in a data breach.
SecurityWeek2d
Palo Alto Networks Patches High-Severity Vulnerability in Retired Migration Tool
Palo Alto Networks has released patches for multiple vulnerabilities in the Expedition migration tool, which was retired on ...
SecurityWeek1d
Exploitation of New Ivanti VPN Zero-Day Linked to Chinese Cyberspies
Google Cloud’s Mandiant has linked the exploitation of CVE-2025-0282, a new Ivanti VPN zero-day, to Chinese cyberspies.
SecurityWeek1d
The ‘Worst in Show’ CES Products Put Your Data at Risk and Cause Waste, Privacy Advocates Say
But not all innovation is good, according to a panel of self-described dystopia experts that has judged some products as ...
SecurityWeek2d
Ivanti Warns of New Zero-Day Attacks Hitting Connect Secure Product
Ivanti confirms zero-day exploitation of a remotely exploitable code execution vulnerability (CVE-2025-0282) in its Connect ...
SecurityWeek1d
SonicWall Patches Authentication Bypass Vulnerabilities in Firewalls
SonicWall has released patches for multiple vulnerabilities in SonicOS, including high-severity authentication bypass flaws.
SecurityWeek3d
Chrome 131, Firefox 134 Updates Patch High-Severity Vulnerabilities
Chrome and Firefox updates released this week resolve high-severity vulnerabilities in the two popular browsers.