SecurityWeek
Chrome 133, Firefox 135 Patch High-Severity Vulnerabilities
Chrome 133 and Firefox 135 were released with patches for multiple high-severity memory safety vulnerabilities.
The post Chrome 133, Firefox 135 Patch High-Severity Vulnerabilities appeared first on SecurityWeek.
CISA Issues Exploitation Warning for .NET Vulnerability
CISA has added CVE-2024-29059, a flaw affecting Microsoft .NET, to its Known Exploited Vulnerabilities catalog.
The post CISA Issues Exploitation Warning for .NET Vulnerability appeared first on SecurityWeek.
Zyxel Issues ‘No Patch’ Warning for Exploited Zero-Days
Multiple Zyxel legacy DSL CPE products are affected by exploited zero-day vulnerabilities that will not be patched.
The post Zyxel Issues ‘No Patch’ Warning for Exploited Zero-Days appeared first on SecurityWeek.
Sophos Completes Acquisition of Secureworks
Sophos has completed its $859 million all-cash acquisition of SecureWorks.
The post Sophos Completes Acquisition of Secureworks appeared first on SecurityWeek.
Exploitation of Over 700 Vulnerabilities Came to Light in 2024
The number of vulnerabilities first reported as exploited surged last year amid a decrease in zero-day reports.
The post Exploitation of Over 700 Vulnerabilities Came to Light in 2024 appeared first on SecurityWeek.
CISO Forum Webinar: Defenders on the Frontline – Incident Response and Threat Intel Under the Microscope
Join this panel of CISOs and threat-intel professionals for a deep-dive on aligning incident response and threat intelligence with broader business objectives.
The post CISO Forum Webinar: Defenders on the Frontline – Incident Response and Threat Intel Under the Microscope appeared first on SecurityWeek.
22 New Mac Malware Families Seen in 2024
Nearly two dozen new macOS malware families were observed in 2024, including stealers, backdoors, downloaders and ransomware.
The post 22 New Mac Malware Families Seen in 2024 appeared first on SecurityWeek.
AMD Patches CPU Vulnerability Found by Google
AMD has released patches for a microprocessor vulnerability that could allow an attacker to load malicious microcode.
The post AMD Patches CPU Vulnerability Found by Google appeared first on SecurityWeek.
Personal Information Compromised in GrubHub Data Breach
Food delivery firm GrubHub has disclosed a data breach impacting the personal information of drivers and customers.
The post Personal Information Compromised in GrubHub Data Breach appeared first on SecurityWeek.
Cyber Insights 2025: The CISO Outlook
There has never been a single job description for the CISO – the role depends upon each company, its maturity, its size and resources, and the risk tolerance of boards.
The post Cyber Insights 2025: The CISO Outlook appeared first on SecurityWeek.
Developers Targeted With Malware Disguised as DeepSeek Package
Python developers looking to integrate DeepSeek into their projects were targeted with malicious packages delivered through PyPI.
The post Developers Targeted With Malware Disguised as DeepSeek Package appeared first on SecurityWeek.
Contec Patient Monitors Not Malicious, but Still Pose Big Risk to Healthcare
The Contec CMS8000 patient monitors do not contain a malicious backdoor but are plagued by an insecure and vulnerable design.
The post Contec Patient Monitors Not Malicious, but Still Pose Big Risk to Healthcare appeared first on SecurityWeek.
Vulnerability Patched in Android Possibly Exploited by Forensic Tools
The February 2025 Android patches resolve 46 vulnerabilities, including a Linux kernel bug that has been exploited in the wild.
The post Vulnerability Patched in Android Possibly Exploited by Forensic Tools appeared first on SecurityWeek.
DeepSeek Compared to ChatGPT, Gemini in AI Jailbreak Test
DeepSeek’s susceptibility to jailbreaks has been compared by Cisco to other popular AI models, including from Meta, OpenAI and Google.
The post DeepSeek Compared to ChatGPT, Gemini in AI Jailbreak Test appeared first on SecurityWeek.
XE Group Cybercrime Gang Moves from Credit Card Skimming to Zero-Day Exploits
Vietnamese cybercrime gang shifts from credit card-skimming to exploiting at least two zero-day vulnerabilities enterprise software product.
The post XE Group Cybercrime Gang Moves from Credit Card Skimming to Zero-Day Exploits appeared first on SecurityWeek.
Cyber Insights 2025: Quantum and the Threat to Encryption
2025 is an important year – it is probably our last chance to start our migration to post quantum cryptography before we are all undone by cryptographically relevant quantum computers.
The post Cyber Insights 2025: Quantum and the Threat to Encryption appeared first on SecurityWeek.
Hundreds of Thousands Hit by Data Breaches at Healthcare Firms in Colorado, North Carolina
Hundreds of thousands have been impacted by data breaches at Asheville Eye Associates and Delta County Memorial Hospital District.
The post Hundreds of Thousands Hit by Data Breaches at Healthcare Firms in Colorado, North Carolina appeared first on SecurityWeek.
Casio Website Infected With Skimmer
A threat actor has infected Casio UK’s website with a web skimmer on all pages, except the typical checkout page.
The post Casio Website Infected With Skimmer appeared first on SecurityWeek.
DeepSeek Security: System Prompt Jailbreak, Details Emerge on Cyberattacks
Researchers found a jailbreak method that exposed DeepSeek’s system prompt, while others have analyzed the DDoS attacks aimed at the new gen-AI.
The post DeepSeek Security: System Prompt Jailbreak, Details Emerge on Cyberattacks appeared first on SecurityWeek.
Insurance Company Globe Life Notifying 850,000 People of Data Breach
Insurance firm Globe Life says a threat actor may have compromised the personal information of roughly 850,000 individuals.
The post Insurance Company Globe Life Notifying 850,000 People of Data Breach appeared first on SecurityWeek.