Norfolk Southern Says a Software Defect — Not a Hacker — Forced It to Park Its Trains This Week
Norfolk Southern believes a software defect — not a hacker — was the cause of the widespread computer outage that forced the railroad to park…
Category: SecurityWeek
Developers Warned of Malicious PyPI, NPM, Ruby Packages Targeting Macs
Threat actors have started uploading malicious packages to PyPI, NPM, and RubyGems repositories in a new campaign aimed at stealing user information, software supply chain…
Okta Says US Customers Targeted in Sophisticated Attacks
Identity and access management solutions provider Okta warns that multiple customers based in the United States have been targeted in sophisticated attacks involving social engineering.…
Ransomware Attack on Fencing Systems Maker Zaun Impacts UK Military Data
British mesh fencing systems maker Zaun has disclosed a LockBit ransomware attack that potentially led to the compromise of data related to UK military and…
Exploit Code Published for Critical-Severity VMware Security Defect
Just days after shipping a major security update to correct vulnerabilities in its Aria Operations for Networks product line, VMWare is warning that exploit code…
Threat Actors Adopt, Modify Open Source ‘SapphireStealer’ Information Stealer
Multiple threat actors have adopted ‘SapphireStealer’ after the information stealer’s source code was published on GitHub, Cisco’s Talos security researchers report. Written in .NET, the…
Elon Musk Says X, Formerly Twitter, Will Have Voice and Video Calls, Updates Privacy Policy
Elon Musk said Thursday that his social network X, formerly known as Twitter, will give users the ability to make voice and video calls on…
In Other News: Hacking Encrypted Linux Computers, Android Fuzzing, Skype Leaking IPs
SecurityWeek is publishing a weekly cybersecurity roundup that provides a concise compilation of noteworthy stories that might have slipped under the radar. We provide a…
Free Decryptor Available for ‘Key Group’ Ransomware
Cyber intelligence firm EclecticIQ on Thursday announced the release of a free decryption tool to help victims of the Key Group ransomware recover their data…
Industry Reactions to Qakbot Botnet Disruption: Feedback Friday
US authorities announced this week the results of an international operation whose goal was the disruption of the notorious Qakbot botnet. The operation, dubbed ‘Duck…
Sourcegraph Discloses Data Breach Following Access Token Leak
Code search and navigation platform Sourcegraph on Thursday announced that it has experienced a data breach after an engineer accidentally leaked an admin access token.…
Over $1 Million Offered at New Pwn2Own Automotive Hacking Contest
The Zero Day Initiative (ZDI) this week announced that it will be offering more than $1 million in cash and prizes at Pwn2Own Automotive, the…