A Chinese threat actor exploited a zero-day vulnerability in Trimble Cityworks to hack local government entities in the US.
The post Cityworks Zero-Day Exploited by Chinese Hackers in US Local Government Attacks appeared first on SecurityWeek.
DanaBot Botnet Disrupted, 16 Suspects Charged
The DanaBot botnet ensnared over 300,000 devices and caused more than $50 million in damages before being disrupted.
The post DanaBot Botnet Disrupted, 16 Suspects Charged appeared first on SecurityWeek.
Chinese Spies Exploit Ivanti Vulnerabilities Against Critical Sectors
A Chinese espionage group has been chaining two recent Ivanti EPMM vulnerabilities in attacks against organizations in multiple critical sectors.
The post Chinese Spies Exploit Ivanti Vulnerabilities Against Critical Sectors appeared first on SecurityWeek.
Akamai, Microsoft Disagree on Severity of Unpatched ‘BadSuccessor’ Flaw
Akamai documents a privilege escalation flaw in Windows Server 2025 after Redmond declines to ship an immediate patch.
The post Akamai, Microsoft Disagree on Severity of Unpatched ‘BadSuccessor’ Flaw appeared first on SecurityWeek.
Marlboro-Chesterfield Pathology Data Breach Impacts 235,000 People
Marlboro-Chesterfield Pathology has been targeted by the SafePay ransomware group, which stole personal information from its systems.
The post Marlboro-Chesterfield Pathology Data Breach Impacts 235,000 People appeared first on SecurityWeek.
Marks & Spencer Expects Ransomware Attack to Cost $400 Million
UK retailer Marks & Spencer expects the disruptions caused by the recent cyberattack to continue through July.
The post Marks & Spencer Expects Ransomware Attack to Cost $400 Million appeared first on SecurityWeek.
Security Theater or Real Defense? The KPIs That Tell the Truth
In the end, cybersecurity isn’t just about collecting data. It’s about proving that your defenses actually work.
The post Security Theater or Real Defense? The KPIs That Tell the Truth appeared first on SecurityWeek.
Taming the Hacker Storm: Why Millions in Cybersecurity Spending Isn’t Enough
Despite massive investment, the explosion of sophisticated malware and deepfake attacks persists because organizations struggle to verify digital identities and establish fundamental trust.
The post Taming the Hacker Storm: Why Millions in Cybersecurity Spending Isn’t Enough appeared first on SecurityWeek.
Cisco Patches High-Severity DoS, Privilege Escalation Vulnerabilities
Cisco published 10 security advisories detailing over a dozen vulnerabilities, including two high-severity flaws in its Identity Services Engine (ISE) and Unified Intelligence Center.
The post Cisco Patches High-Severity DoS, Privilege Escalation Vulnerabilities appeared first on SecurityWeek.
GitLab, Atlassian Patch High-Severity Vulnerabilities
GitLab and Atlassian have released patches for over a dozen vulnerabilities in their products, including high-severity bugs.
The post GitLab, Atlassian Patch High-Severity Vulnerabilities appeared first on SecurityWeek.
