Limited Canva Creator Data Exposed Via AI Chatbot Database

/in

A Chroma database operated by Russian AI chatbot startup My Jedai was found exposed online, leaking survey responses…

Hackread – Latest Cybersecurity, Hacking News, Tech, AI & Crypto – ​Read More

Chinese-Linked Hackers Targeted 70+ Global Organizations, SentinelLABS

/in

SentinelLABS uncovers widespread China-linked cyber espionage targeting over 70 global organizations and cybersecurity firms between July 2024 and…

Hackread – Latest Cybersecurity, Hacking News, Tech, AI & Crypto – ​Read More

Two Distinct Botnets Exploit Wazuh Server Vulnerability to Launch Mirai-Based Attacks

/in

A now-patched critical security flaw in the Wazur Server is being exploited by threat actors to drop two different Mirai botnet variants and use them to conduct distributed denial-of-service (DDoS) attacks.
Akamai, which first discovered the exploitation efforts in late March 2025, said the malicious campaign targets CVE-2025-24016 (CVSS score: 9.9), an unsafe deserialization vulnerability that

The Hacker News – ​Read More

Major US grocery distributor warns of disruption after cyberattack

/in

UNFI, a grocery distributor for Whole Foods and others, warned of disruptions to customer orders after a cyberattack.

Security News | TechCrunch – ​Read More

Major food wholesaler says cyberattack impacting distribution systems

/in

The statement said the Rhode Island-based company identified unauthorized activity on its systems on Thursday, prompting officials to take systems offline. The action “has temporarily impacted the Company’s ability to fulfill and distribute customer orders.”

The Record from Recorded Future News – ​Read More

New hacker group uses LockBit ransomware variant to target Russian companies

/in

In its latest campaign this spring, DarkGaboon was observed deploying LockBit 3.0 ransomware against victims in Russia, Positive Technologies said in a report last week.

The Record from Recorded Future News – ​Read More

Mirai Botnets Exploiting Wazuh Security Platform Vulnerability 

/in

CVE-2025-24016, a critical remote code execution vulnerability affecting Wazuh servers, has been exploited by Mirai botnets.

The post Mirai Botnets Exploiting Wazuh Security Platform Vulnerability  appeared first on SecurityWeek.

SecurityWeek – ​Read More

Guardz Banks $56M Series B for All-in-One SMB Security

/in

The Israeli company said the Series B raise was led by ClearSky and included equity stakes for new backer Phoenix Financial.

The post Guardz Banks $56M Series B for All-in-One SMB Security appeared first on SecurityWeek.

SecurityWeek – ​Read More

Malicious NPM Packages Disguised as Express Utilities Allow Attackers to Wipe Systems

/in

Two malicious NPM packages contain code that would delete production systems when triggered with the right credentials.

The post Malicious NPM Packages Disguised as Express Utilities Allow Attackers to Wipe Systems appeared first on SecurityWeek.

SecurityWeek – ​Read More

React Native Aria Packages Backdoored in Supply Chain Attack

/in

A threat actor published backdoored versions of 17 NPM packages from GlueStack in a fresh supply chain attack.

The post React Native Aria Packages Backdoored in Supply Chain Attack appeared first on SecurityWeek.

SecurityWeek – ​Read More