Czech Government Condemns Chinese Hack on Critical Infrastructure
The Czech government delivered a pointed warning to China on Wednesday, publicly attributing a years-long intrusion in the foreign ministry’s networks to APT31, a cyber-espionage…
Category: SecurityWeek
Vietnamese Hackers Distribute Malware via Fake AI-Themed Websites
Over the past year, a threat actor has been banking on the wild popularity of AI tools to lure computer users to fake content creation…
Cerby Raises $40 Million for Identity Automation Platform
Identity security automation platform startup Cerby on Wednesday announced raising $40 million in a Series B funding round that brings the total raised by the…
OneDrive Gives Web Apps Full Read Access to All Files
Excessive permissions and ambiguous consent statements may provide web apps uploading files to OneDrive with read access to all user files rather than just those…
Chrome 137, Firefox 139 Patch High-Severity Vulnerabilities
Google and Mozilla on Tuesday announced the release of Chrome 137 and Firefox 139, with patches for a total of 21 vulnerabilities between the two…
The Root of AI Hallucinations: Physics Theory Digs Into the ‘Attention’ Flaw
No-one really understands how AI works or when and why it doesn’t. But the application of first-principle physics theory to the working of AI’s Attention…
Vulnerabilities in CISA KEV Are Not Equally Critical: Report
Security flaws in CISA’s Known Exploited Vulnerabilities (KEV) catalog should be treated with urgency based on environmental context assessments, according to a new report from…
$223 Million Stolen in Cetus Protocol Hack
A vulnerability in the smart contract for liquidity pools allowed hackers to steal roughly $223 million in virtual assets from cryptocurrency exchange Cetus Protocol. The…
Zscaler to Acquire MDR Specialist Red Canary
Zscaler on Tuesday signaled a big push into the security-operations market with the announcement of plans to buy Denver-based managed detection and response (MDR) specialist…
Iranian Man Pleads Guilty to Role in Baltimore Ransomware Attack
An Iranian national has admitted in US federal court that he helped run the Robbinhood ransomware crew behind a series of extortion attacks that crippled…
Russian Government Hackers Caught Buying Passwords from Cybercriminals
Microsoft on Tuesday published technical documentation on a new Russia-linked espionage outfit it calls “Void Blizzard,” warning that the group has spent the past year…
DragonForce Ransomware Hackers Exploiting SimpleHelp Vulnerabilities
An unidentified managed service provider (MSP) and its customers have been infected with the DragonForce ransomware after a threat actor exploited a vulnerable SimpleHelp instance,…