UNFI, the biggest supplier to Whole Foods stores, reported that its income will take a hit for the quarter that ends in August because of a recent cyberattack that disrupted operations.
The Record from Recorded Future News – Read More
Microsoft is preparing a private preview of new Windows endpoint security platform capabilities to help antimalware vendors create solutions that run outside the kernel.
The post Microsoft to Preview New Windows Endpoint Security Platform After CrowdStrike Outage appeared first on SecurityWeek.
SecurityWeek – Read More
Tech Transparency Project warns Chinese-owned VPNs like Turbo VPN and X-VPN remain on Apple and Google app stores, raising national security concerns.
Hackread – Latest Cybersecurity, Hacking News, Tech, AI & Crypto – Read More
A new campaign has been observed leveraging fake websites advertising popular software such as WPS Office, Sogou, and DeepSeek to deliver Sainbox RAT and the open-source Hidden rootkit.
The activity has been attributed with medium confidence to a Chinese hacking group called Silver Fox (aka Void Arachne), citing similarities in tradecraft with previous campaigns attributed to the threat actor.
The Hacker News – Read More
Security operations centers (SOCs) are under pressure from both sides: threats are growing more complex and frequent, while security budgets are no longer keeping pace. Today’s security leaders are expected to reduce risk and deliver results without relying on larger teams or increased spending.
At the same time, SOC inefficiencies are draining resources. Studies show that up to half of all
The Hacker News – Read More
China-linked Silver Fox hacking group is targeting Chinese users with fake installers carrying a RAT and a rootkit.
The post Chinese Hackers Target Chinese Users With RAT, Rootkit appeared first on SecurityWeek.
SecurityWeek – Read More
A vulnerability in the extension publishing mechanism of Open VSX could have allowed attackers to tamper with any repository.
The post Vulnerability Exposed All Open VSX Repositories to Takeover appeared first on SecurityWeek.
SecurityWeek – Read More
The Citrix NetScaler vulnerability tracked as CitrixBleed 2 and CVE-2025–5777 may be exploited in the wild for initial access.
The post Evidence Suggests Exploitation of CitrixBleed 2 Vulnerability appeared first on SecurityWeek.
SecurityWeek – Read More
Cybersecurity researchers have detailed a new campaign dubbed OneClik that leverages Microsoft’s ClickOnce software deployment technology and bespoke Golang backdoors to compromise organizations within the energy, oil, and gas sectors.
“The campaign exhibits characteristics aligned with Chinese-affiliated threat actors, though attribution remains cautious,” Trellix researchers Nico Paulo
The Hacker News – Read More
Hackers are abusing the Microsoft 365 Direct Send feature to deliver phishing emails that bypass email security controls.
The post Microsoft 365 Direct Send Abused for Phishing appeared first on SecurityWeek.
SecurityWeek – Read More