Ongoing Campaign Uses 60 NPM Packages to Steal Data
Security firm Socket warns of an ongoing campaign targeting NPM users with tens of malicious packages that can collect and exfiltrate system information. Over the…
Category: SecurityWeek
Dutch Intelligence Agencies Say Russian Hackers Stole Police Data in Cyberattack
A previously unknown Russian hacker group with suspected ties to the Kremlin was responsible for a cyberattack last year on the Dutch police and has…
Inside the $111 Billion Cloud Security Market: Acquisition, Expansion, and Where to Aim Next
Spending on cloud security will be $111 billion in 2025, representing 3% of the total IT spend. Microsoft alone is expected to achieve $37.2 billion…
Law Firms Warned of Silent Ransom Group Attacks
The FBI is cautioning US law firms that they have become frequent targets of the Silent Ransom Group (SRG) extortion gang. Also known as Chatty…
Nova Scotia Power Confirms Ransomware Attack, 280k Notified of Data Breach
Nearly one month after it informed customers that it had been targeted in a cyberattack, Canadian electric utility Nova Scotia Power admitted on Friday that…
In Other News: Volkswagen App Hacked, DR32 Sentenced, New OT Security Solution
SecurityWeek’s cybersecurity news roundup provides a concise compilation of noteworthy stories that might have slipped under the radar. We provide a valuable summary of stories…
Signal Adds Screenshot-Blocker to Thwart ‘Windows Recall’
Signal on Friday shipped a new feature that automatically blocks all screenshots of its chat window, positioning it as a privacy shield aimed at Microsoft’s…
Russian Qakbot Gang Leader Indicted in US
A Russian national has been indicted in the US for leading the cybercrime group behind the infamous Qakbot malware and botnet. The individual, Rustam Rafailevich…
Companies Warned of Commvault Vulnerability Exploitation
The ongoing exploitation of a Commvault vulnerability that was targeted as a zero-day is likely part of a broader campaign against software-as-a-service (SaaS) solutions, the…
Cityworks Zero-Day Exploited by Chinese Hackers in US Local Government Attacks
A China-linked threat actor exploited a Trimble Cityworks zero-day vulnerability in attacks against local government entities in the US, Cisco Talos reports. Tracked as CVE-2025-0994…
DanaBot Botnet Disrupted, 16 Suspects Charged
The notorious DanaBot botnet has been severely disrupted as part of an international law enforcement operation, which also involved charges and arrest warrants targeting over…
Chinese Spies Exploit Ivanti Vulnerabilities Against Critical Sectors
A China-linked cyberespionage group has been exploiting two recent Ivanti Endpoint Manager Mobile (EPMM) vulnerabilities in attacks targeting critical sectors in Europe, North America, and…