Three more VS Code extensions were infected last week and the malware has emerged in GitHub repositories as well.
The post GlassWorm Malware Returns to Open VSX, Emerges on GitHub appeared first on SecurityWeek.
Nearly 30 Alleged Victims of Oracle EBS Hack Named on Cl0p Ransomware Site
The Cl0p website lists major organizations such as Logitech, The Washington Post, Cox Enterprises, Pan American Silver, LKQ Corporation, and Copeland.
The post Nearly 30 Alleged Victims of Oracle EBS Hack Named on Cl0p Ransomware Site appeared first on SecurityWeek.
QNAP Patches Vulnerabilities Exploited at Pwn2Own Ireland
Multiple vulnerabilities across QNAP’s portfolio could lead to remote code execution, information disclosure, and denial-of-service (DoS) conditions.
The post QNAP Patches Vulnerabilities Exploited at Pwn2Own Ireland appeared first on SecurityWeek.
Australia Sanctions Hackers Supporting North Korea’s Weapons Program
Australia mirrored the US’s recent sanctions against bankers, financial institutions, and others allegedly involved in laundering funds for North Korea.
The post Australia Sanctions Hackers Supporting North Korea’s Weapons Program appeared first on SecurityWeek.
In Other News: Controversial Ransomware Report, Gootloader Returns, More AN0M Arrests
Other noteworthy stories that might have slipped under the radar: rogue ransomware negotiators charged, F5 hack prompts OT security guidance, Germany targets Huawei tech.
The post In Other News: Controversial Ransomware Report, Gootloader Returns, More AN0M Arrests appeared first on SecurityWeek.
Landfall Android Spyware Targeted Samsung Phones via Zero-Day
Threat actors exploited CVE-2025-21042 to deliver malware via specially crafted images to users in the Middle East.
The post Landfall Android Spyware Targeted Samsung Phones via Zero-Day appeared first on SecurityWeek.
Radical Empowerment From Your Leadership: Understood by Few, Essential for All
When leaders redefine power as trust instead of control, teams unlock their potential — and organizations find their edge.
The post Radical Empowerment From Your Leadership: Understood by Few, Essential for All appeared first on SecurityWeek.
Data Exposure Vulnerability Found in Deep Learning Tool Keras
The vulnerability is tracked as CVE-2025-12058 and it can be exploited for arbitrary file loading and conducting SSRF attacks.
The post Data Exposure Vulnerability Found in Deep Learning Tool Keras appeared first on SecurityWeek.
ClickFix Attacks Against macOS Users Evolving
ClickFix prompts typically contain instructions for Windows users, but now they are tailored for macOS and they are getting increasingly convincing.
The post ClickFix Attacks Against macOS Users Evolving appeared first on SecurityWeek.
DOJ Antitrust Review Clears Google’s $32 Billion Acquisition of Wiz
Google’s acquisition of Wiz is expected to close in 2026, but there are other reviews that need to be cleared.
The post DOJ Antitrust Review Clears Google’s $32 Billion Acquisition of Wiz appeared first on SecurityWeek.
