41% Of Ransomware Victims Who Pay Ransom Can’t Recover Data
Paying attackers a ransom to recover from ransomware attacks fails 41% of the time, and even when recovery keys work, ransomware victims don’t always recover…
Category: DarkReading
Apache Tomcat CVE-2025-55752, 55754 Security Flaws
The Apache Software Foundation has disclosed two new security vulnerabilities affecting multiple versions of Apache Tomcat, warning system administrators to take immediate action. The flaws, identified as CVE-2025-55752 and CVE-2025-55754, were…
CISA Warns DELMIA Apriso Vulnerabilities Are Under Attack
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added two DELMIA Apriso vulnerabilities to its Known Exploited Vulnerabilities (KEV) catalog. Today’s addition of CVE-2025-6204…
UK Afghan Data Leak Linked To 49 Deaths
A new study that looked at 231 people exposed by a 2022 UK data leak of Afghans seeking resettlement after the Taliban takeover found that…
Europol Calls For Solutions To Caller ID Spoofing
Caller ID spoofing causes nearly $1 billion (EUR 850 million) in financial losses from fraud and scams each year, according to a new Europol position…
Critical CVE-2025-55315 Hits QNAP NetBak PC Agent
A critical vulnerability, tracked as CVE-2025-55315, has been identified in QNAP’s NetBak PC Agent, stemming from a flaw within Microsoft’s ASP.NET Core framework. The issue allows attackers to exploit HTTP Request Smuggling…
Bengaluru CCB Busts ₹47 Crore Cybercrime Racket
Bengaluru’s Central Crime Branch (CCB) has dismantled a major international cybercrime racket, revealing a hacking operation that siphoned off ₹47 crore (approximately $5.6 million) from…
North Canton City Council To Adopt Cybersecurity Policy
The City Council of North Canton, Ohio, is preparing to adopt a new cybersecurity policy designed to strengthen digital defenses and comply with statewide regulations.…
BIND 9 DNS Flaw Exposes 706K Servers
A newly disclosed security flaw has put more than 706,000 BIND 9 DNS resolvers worldwide at risk of cache poisoning attacks, according to an advisory published by…
Compromised YouTube Accounts Distribute Infostealer Malware
More than 3,000 malicious YouTube videos were used to distribute infostealer malware, according to a new report detailing the operation. Dubbed the “YouTube Ghost Network”…
North Korean Hackers Deploy “Drone” Malware In Targeting Of European UAV Manufacturers
The name said it all: DroneEXEHijackingLoader.dll. That internal file name, buried in malicious code delivered to three European defense contractors, revealed what security researchers now…
Microsoft Fixes Critical WSUS RCE Flaw CVE-2025-59287
Microsoft has released an urgent out-of-band security update to address a severe remote code execution (RCE) vulnerability in Windows Server Update Services (WSUS). The flaw,…