Progress Patches Multiple Vulnerabilities in MOVEit WAF, LoadMaster
Progress Software on Monday rolled out patches for multiple MOVEit WAF and LoadMaster vulnerabilities that could lead to remote code execution (RCE) and OS command…
Category: SecurityWeek
Unsecured Perforce Servers Expose Sensitive Data From Major Orgs
A researcher has analyzed internet-facing Perforce P4 servers and found that many are still misconfigured, exposing highly sensitive information. Perforce P4 (formerly Helix Core) is…
Dozens of Malicious Crypto Apps Land in Apple App Store
Over two dozen fake cryptocurrency applications targeting iOS users have been published to the Apple App Store, Kaspersky reports. The malicious campaign, dubbed FakeWallet, has…
Third US Security Expert Admits Helping Ransomware Gang
A third man has pleaded guilty to participating in ransomware attacks while working for a cybersecurity company hired to negotiate with hackers. In October 2025,…
Organizations Warned of Exploited Cisco, Kentico, Zimbra Vulnerabilities
The US cybersecurity agency CISA on Monday expanded its Known Exploited Vulnerabilities (KEV) catalog with eight more flaws, including three that have not previously been…
Senate Extends Surveillance Powers Until April 30 After Chaotic Votes in House
The Senate approved a short-term renewal until April 30 of a controversial surveillance program used by U.S. spy agencies, following a chaotic, post-midnight scramble in…
Bluesky Disrupted by Sophisticated DDoS Attack
Bluesky, the decentralized microblogging social media platform, reported service outages last week due to a distributed denial-of-service (DDoS) attack aimed at its systems. The DDoS…
Hackers Abuse QEMU for Defense Evasion
Threat actors have been abusing QEMU in campaigns leading to the deployment of ransomware and remote access tools, Sophos reports. A cross-platform open source machine…
Serial-to-IP Converter Flaws Expose OT and Healthcare Systems to Hacking
Serial-to-IP converters are affected by potentially serious vulnerabilities that can expose operational technology (OT), healthcare, and other types of systems to remote attacks. Serial-to-IP converters,…
British Scattered Spider Hacker Pleads Guilty in the US
A British national has pleaded guilty in a US court to conspiracy to hack into the networks of dozens of companies and to stealing millions…
ZionSiphon Malware Targets ICS in Water Facilities
Researchers at Darktrace have discovered a new malware strain named ZionSiphon, which appears to target water treatment and desalination plants in Israel. ZionSiphon has many…
Two North Korean IT Worker Scheme Facilitators Jailed in the US
Two US nationals were jailed this week for their roles in North Korean IT worker schemes that caused millions in damages to US companies. The…