information security news

U.S. CISA adds Sitecore CMS and XP, and GitHub Action flaws to its Known Exploited Vulnerabilities catalog<gwmw style="display: none; background-color: transparent;"></gwmw>U.S. CISA adds Sitecore CMS and XP, and GitHub Action flaws to its Known Exploited Vulnerabilities catalog<gwmw style="display: none; background-color: transparent;"></gwmw>

U.S. CISA adds Sitecore CMS and XP, and GitHub Action flaws to its Known Exploited Vulnerabilities catalog<gwmw style="display: none; background-color: transparent;"></gwmw>

U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds Sitecore CMS and XP, and GitHub Action flaws to its Known Exploited…

7 days ago
Arkana Security group claims the hack of US telco provider WideOpenWest (WOW!)Arkana Security group claims the hack of US telco provider WideOpenWest (WOW!)

Arkana Security group claims the hack of US telco provider WideOpenWest (WOW!)

Arkana Security, a new ransomware group, claims to have breached the telecommunications provider WideOpenWest (WOW!). The new ransomware group Arkana…

7 days ago
New ReaderUpdate malware variants target macOS usersNew ReaderUpdate malware variants target macOS users

New ReaderUpdate malware variants target macOS users

New ReaderUpdate malware variants, now written in Crystal, Nim, Rust, and Go, targets macOS users, SentinelOne warns. SentinelOne researchers warn…

1 week ago
BlackLock Ransomware Targeted by Cybersecurity FirmBlackLock Ransomware Targeted by Cybersecurity Firm

BlackLock Ransomware Targeted by Cybersecurity Firm

Resecurity found an LFI flaw in the leak site of BlackLock ransomware, exposing clearnet IPs and server details. Resecurity has…

1 week ago
Google fixed the first actively exploited Chrome zero-day since the start of the yearGoogle fixed the first actively exploited Chrome zero-day since the start of the year

Google fixed the first actively exploited Chrome zero-day since the start of the year

Google fixed a flaw in the Chrome browser for Windows that was actively exploited in attacks targeting organizations in Russia.…

1 week ago
Authentication bypass CVE-2025-22230 impacts VMware Windows ToolsAuthentication bypass CVE-2025-22230 impacts VMware Windows Tools

Authentication bypass CVE-2025-22230 impacts VMware Windows Tools

Broadcom addressed a high-severity authentication bypass vulnerability, tracked as CVE-2025-22230, in VMware Tools for Windows. Broadcom released security updates to…

1 week ago
Android malware campaigns use .NET MAUI to evade detectionAndroid malware campaigns use .NET MAUI to evade detection

Android malware campaigns use .NET MAUI to evade detection

Researchers warn of a new Android malware that uses .NET MAUI to mimic legit services and evade detection. McAfee researchers…

1 week ago
Astral Foods, South Africa’s largest poultry producer, lost over $1M due to a cyberattackAstral Foods, South Africa’s largest poultry producer, lost over $1M due to a cyberattack

Astral Foods, South Africa’s largest poultry producer, lost over $1M due to a cyberattack

Astral Foods, South Africa’s largest poultry producer, lost over $1M due to a cyberattack disrupting deliveries and impacting operations. Astral…

1 week ago
Chinese APT Weaver Ant infiltrated a telco in Asia for over four yearsChinese APT Weaver Ant infiltrated a telco in Asia for over four years

Chinese APT Weaver Ant infiltrated a telco in Asia for over four years

China-linked APT Weaver Ant infiltrated the network of a telecommunications services provider for over four years.  The China-linked threat actor…

1 week ago
Medusa ransomware uses malicious Windows driver ABYSSWORKER to disable security toolsMedusa ransomware uses malicious Windows driver ABYSSWORKER to disable security tools

Medusa ransomware uses malicious Windows driver ABYSSWORKER to disable security tools

Medusa ransomware uses a malicious Windows driver ABYSSWORKER to disable security tools, making detection and mitigation more difficult. Elastic Security…

1 week ago