Industrial giants Siemens and Schneider Electric have released March 2025 Patch Tuesday ICS security advisories.
The post ICS Patch Tuesday: Advisories Published by CISA, Schneider Electric, Siemens appeared first on SecurityWeek.
Are Threat Groups Belsen and ZeroSevenGroup Related?
Kela admits that its evidence for a connection between Belsen and ZeroSevenGroup is largely circumstantial, primarily based on styles.
The post Are Threat Groups Belsen and ZeroSevenGroup Related? appeared first on SecurityWeek.
Apple Ships iOS 18.3.2 to Fix Already-Exploited WebKit Flaw
Apple warns that the WebKIt bug “may have been exploited in an extremely sophisticated attack against specific targeted individuals.”
The post Apple Ships iOS 18.3.2 to Fix Already-Exploited WebKit Flaw appeared first on SecurityWeek.
Microsoft Flags Six Active Zero-Days, Patches 57 Flaws: Patch Tuesday
Redmond ships major security updates with warnings that a half-dozen Windows vulnerabilities have already been exploited in the wild.
The post Microsoft Flags Six Active Zero-Days, Patches 57 Flaws: Patch Tuesday appeared first on SecurityWeek.
Patch Tuesday: Critical Code-Execution Bugs in Acrobat and Reader
Adobe documents 35 security flaws in a wide range of products, including code-execution issues in the Acrobat and Reader applications.
The post Patch Tuesday: Critical Code-Execution Bugs in Acrobat and Reader appeared first on SecurityWeek.
UK Government Report Calls for Stronger Open Source Supply Chain Security Practices
Report from the Department for Science, Innovation & Technology (DSIT) finds weaknesses in current practices.
The post UK Government Report Calls for Stronger Open Source Supply Chain Security Practices appeared first on SecurityWeek.
New Ballista IoT Botnet Linked to Italian Threat Actor
Cato Networks has analyzed a new IoT botnet named Ballista, which targets TP-Link Archer routers.
The post New Ballista IoT Botnet Linked to Italian Threat Actor appeared first on SecurityWeek.
New York Sues Insurance Giant Over Data Breaches
The New York Attorney General sued National General and its parent company Allstate over two data breaches.
The post New York Sues Insurance Giant Over Data Breaches appeared first on SecurityWeek.
SAP Patches High-Severity Vulnerabilities in Commerce, NetWeaver
SAP released 21 new security notes and updated three security notes on March 2025 security patch day.
The post SAP Patches High-Severity Vulnerabilities in Commerce, NetWeaver appeared first on SecurityWeek.
Edimax Says No Patches Coming for Zero-Day Exploited by Botnets
Edimax is aware that CVE-2025-1316 has been exploited in the wild, but the impacted devices were discontinued over a decade ago.
The post Edimax Says No Patches Coming for Zero-Day Exploited by Botnets appeared first on SecurityWeek.
