SonicWall has released fixes for three vulnerabilities in NetExtender for Windows, including a high-severity bug.
The post SonicWall Patches High-Severity Vulnerability in NetExtender appeared first on SecurityWeek.
SecurityWeek – Read More
Laboratory Services Cooperative says the personal and medical information of 1.6 million was stolen in an October 2024 data breach.
The post 1.6 Million People Impacted by Data Breach at Laboratory Services Cooperative appeared first on SecurityWeek.
SecurityWeek – Read More
Cybersecurity researchers have found that threat actors are setting up deceptive websites hosted on newly registered domains to deliver a known Android malware called SpyNote.
These bogus websites masquerade as Google Play Store install pages for apps like the Chrome web browser, indicating an attempt to deceive unsuspecting users into installing the malware instead.
“The threat actor utilized a
The Hacker News – Read More
Very few people in the cybersecurity industry do not know, or know of, Bryson Bort. Yes, he’s the CEO/Founder of SCYTHE, but he’s also the co-founder of ICS Village (the next one at RSA Conference from April 28 to May 1, 2025). This event, and all of our industry’s attention on critical infrastructure, is pivotal […]
The post Rising Tides: Bryson Bort on Cyber Entrepreneurship and the Needed Focus on Critical Infrastructure appeared first on SecurityWeek.
SecurityWeek – Read More
Palo Alto Networks has revealed that it’s observing brute-force login attempts against PAN-OS GlobalProtect gateways, days after threat actors warned of a surge in suspicious login scanning activity targeting its appliances.
“Our teams are observing evidence of activity consistent with password-related attacks, such as brute-force login attempts, which does not indicate exploitation of a
The Hacker News – Read More
A newly disclosed high-severity security flaw impacting OttoKit (formerly SureTriggers) has come under active exploitation within a few hours of public disclosure.
The vulnerability, tracked as CVE-2025-3102 (CVSS score: 8.1), is an authorization bypass bug that could permit an attacker to create administrator accounts under certain conditions and take control of susceptible websites.
“The
The Hacker News – Read More
Nakasone said he didn’t know “what really occurred” and has not spoken to either Haugh or Noble since the presidential decisions were made, but he lauded both of them as “extraordinary leaders.”
The Record from Recorded Future News – Read More
Gladinet’s platform is widely used among managed service providers, and a critical deserialization flaw could put MSP customers in jeopardy.
darkreading – Read More
The U.S. plans to sign an international agreement designed to govern the use of commercial spyware, the State Department said Thursday.
The Record from Recorded Future News – Read More
ReversingLabs reveals a malicious npm package targeting Atomic and Exodus wallets, silently hijacking crypto transfers via software patching.
Hackread – Latest Cybersecurity, Hacking News, Tech, AI & Crypto – Read More