Second OttoKit Vulnerability Exploited to Hack WordPress Sites

/in

Threat actors are targeting a critical-severity vulnerability in the OttoKit WordPress plugin to gain administrative privileges.

The post Second OttoKit Vulnerability Exploited to Hack WordPress Sites appeared first on SecurityWeek.

SecurityWeek – ​Read More

41 Countries Taking Part in NATO’s Locked Shields 2025 Cyber Defense Exercise

/in

The NATO Cooperative Cyber Defence Centre of Excellence in Estonia is hosting the Locked Shields 2025 cyber defense exercise.

The post 41 Countries Taking Part in NATO’s Locked Shields 2025 Cyber Defense Exercise appeared first on SecurityWeek.

SecurityWeek – ​Read More

NSO Group Fined $168M for Targeting 1,400 WhatsApp Users With Pegasus Spyware

/in

A federal jury on Tuesday decided that NSO Group must pay Meta-owned WhatsApp WhatsApp approximately $168 million in monetary damages, more than four months after a federal judge ruled that the Israeli company violated U.S. laws by exploiting WhatsApp servers to deploy Pegasus spyware, targeting over 1,400 individuals globally.
WhatsApp originally filed the lawsuit against NSO Group in 2019,

The Hacker News – ​Read More

Jury orders NSO Group to pay $168 million to WhatsApp for facilitating Pegasus hacks of its users

/in

The six-year case is the culmination of a Meta lawsuit filed in 2019, which argued that the NSO Group repeatedly attacked WhatsApp with spyware vectors, continuing to break into its systems even as the social media giant patched vulnerabilities.

The Record from Recorded Future News – ​Read More

Researcher Says Patched Commvault Bug Still Exploitable

/in

CISA added CVE-2025-34028 to its catalog of known exploited vulnerabilities, citing active attacks in the wild.

darkreading – ​Read More

Fake SSA Emails Trick Users into Installing ScreenConnect RAT

/in

Cybercriminals are using fake Social Security Administration emails to distribute the ScreenConnect RAT (Remote Access Trojan) and compromise…

Hackread – Latest Cybersecurity, Hacking News, Tech, AI & Crypto – ​Read More

AWS report: Generative AI overtakes security in global tech budgets for 2025

/in

Credit: VentureBeat made with Midjourney

New AWS report reveals 45% of global IT leaders now prioritize generative AI over cybersecurity in 2025 tech budgets as companies race to hire AI talent and implement AI strategies despite persistent skills shortages.Read More

Security News | VentureBeat – ​Read More

The Signal Clone Mike Waltz Was Caught Using Has Direct Access to User Chats

/in

A new analysis of TM Signal’s source code appears to show that the app sends users’ message logs in plaintext. At least one top Trump administration official used the app.

Security Latest – ​Read More

‘Easily Exploitable’ Langflow Vulnerability Requires Immediate Patching

/in

The vulnerability, which has a CVSS score of 9.8, is under attack and allows threat actors to remotely execute arbitrary commands on servers running the agentic AI builder.

darkreading – ​Read More

Tulsi Gabbard Reused the Same Weak Password on Multiple Accounts for Years

/in

Now the US director of national intelligence, Gabbard failed to follow basic cybersecurity practices on several of her personal accounts, leaked records reviewed by WIRED reveal.

Security Latest – ​Read More