The latest M-Trends report is based on insights from over 500,000 hours of Mandiant incident response investigations in 2025.
The post M-Trends 2026: Initial Access Handoff Shrinks From Hours to 22 Seconds appeared first on SecurityWeek.
Kevin Mandia’s Armadin Launches With $190 Million in Funding
Armadin uses AI-powered red teaming to find and exploit weaknesses in the same way that attackers attack them.
The post Kevin Mandia’s Armadin Launches With $190 Million in Funding appeared first on SecurityWeek.
SonicWall SMA Appliances Targeted With New ‘Overstep’ Malware
A threat actor that may be financially motivated is targeting SonicWall devices with a backdoor and user-mode rootkit.
The post SonicWall SMA Appliances Targeted With New ‘Overstep’ Malware appeared first on SecurityWeek.
US Insurance Industry Warned of Scattered Spider Attacks
Google is warning insurance companies that Scattered Spider appears to have shifted its focus from the retail sector.
The post US Insurance Industry Warned of Scattered Spider Attacks appeared first on SecurityWeek.
Google’s $32 Billion Wiz Deal Draws DOJ Antitrust Scrutiny: Report
According to reports, the US Department of Justice will assess whether the deal would harm competition in the cybersecurity market.
The post Google’s $32 Billion Wiz Deal Draws DOJ Antitrust Scrutiny: Report appeared first on SecurityWeek.
Vietnamese Hackers Distribute Malware via Fake AI-Themed Websites
Mandiant warns that a Vietnamese hacking group tracked as UNC6032 is distributing malware via fake AI video generator websites.
The post Vietnamese Hackers Distribute Malware via Fake AI-Themed Websites appeared first on SecurityWeek.
M-Trends 2025: State-Sponsored IT Workers Emerge as Global Threat
Mandiant’s latest threat report shows how attackers adapt faster than defenses, shifting strategies toward credential theft and insider threats.
The post M-Trends 2025: State-Sponsored IT Workers Emerge as Global Threat appeared first on SecurityWeek.
Rapid7 Reveals RCE Path in Ivanti VPN Appliance After Silent Patch Debacle
The CVE-2025-22457 has already been exploited by a China-nexus hacking gang notorious for breaking into edge network devices.
The post Rapid7 Reveals RCE Path in Ivanti VPN Appliance After Silent Patch Debacle appeared first on SecurityWeek.
Mandiant Uncovers Custom Backdoors on End-of-Life Juniper Routers
China-nexus cyberespionage group caught planting custom backdoors on end-of-life Juniper Networks Junos OS routers.
The post Mandiant Uncovers Custom Backdoors on End-of-Life Juniper Routers appeared first on SecurityWeek.
North Korea Hackers Linked to Breach of German Missile Manufacturer
The targeting of Diehl Defence is significant because the company specializes in the production of missiles and ammunition.
The post North Korea Hackers Linked to Breach of German Missile Manufacturer appeared first on SecurityWeek.
