Akamai documents a privilege escalation flaw in Windows Server 2025 after Redmond declines to ship an immediate patch.
The post Akamai, Microsoft Disagree on Severity of Unpatched ‘BadSuccessor’ Flaw appeared first on SecurityWeek.
Critical OpenPGP.js Vulnerability Allows Spoofing
An OpenPGP.js vulnerability tracked as CVE-2025-47934 allows message signature verification to be spoofed.
The post Critical OpenPGP.js Vulnerability Allows Spoofing appeared first on SecurityWeek.
Russian APT Exploiting Mail Servers Against Government, Defense Organizations
Russia-linked APT28 has been exploiting mail server vulnerabilities against government and defense entities since September 2023.
The post Russian APT Exploiting Mail Servers Against Government, Defense Organizations appeared first on SecurityWeek.
Proofpoint to Acquire Hornetsecurity in Reported $1 Billion Deal
Enterprise cybersecurity giant Proofpoint is buying Germany-based Microsoft 365 security solutions provider Hornetsecurity.
The post Proofpoint to Acquire Hornetsecurity in Reported $1 Billion Deal appeared first on SecurityWeek.
AI-Powered Polymorphic Phishing Is Changing the Threat Landscape
Combined with AI, polymorphic phishing emails have become highly sophisticated, creating more personalized and evasive messages that result in higher attack success rates.
The post AI-Powered Polymorphic Phishing Is Changing the Threat Landscape appeared first on SecurityWeek.
Legacy Google Service Abused in Phishing Attacks
A sophisticated phishing campaign abuses weakness in Google Sites to spoof Google no-reply addresses and bypass protections.
The post Legacy Google Service Abused in Phishing Attacks appeared first on SecurityWeek.
170,000 Impacted by Data Breach at Chord Specialty Dental Partners
An email security incident at Chord Specialty Dental Partners, a US dental service organization, has impacted more than 170,000 people.
The post 170,000 Impacted by Data Breach at Chord Specialty Dental Partners appeared first on SecurityWeek.
Mining Company NioCorp Loses $500,000 in BEC Hack
NioCorp Developments has informed the SEC that it lost $0.5 million after its systems were compromised.
The post Mining Company NioCorp Loses $500,000 in BEC Hack appeared first on SecurityWeek.
Critical Zimbra Vulnerability Exploited One Day After PoC Release
A critical-severity vulnerability in Zimbra has been exploited in the wild to deploy a web shell on vulnerable servers.
The post Critical Zimbra Vulnerability Exploited One Day After PoC Release appeared first on SecurityWeek.
EasyDMARC Lands $20M for Email Security Authentication Tech
EasyDMARC lands venture capital funding after finding traction in the email security and authentication business.
The post EasyDMARC Lands $20M for Email Security Authentication Tech appeared first on SecurityWeek.
