New UK Framework Pressures Vendors on SBOMs, Patching and Default MFA

/in

By baking minimum expectations into procurement conversations, the plan is to steer software vendors to “secure-by-design and default” basics.

The post New UK Framework Pressures Vendors on SBOMs, Patching and Default MFA appeared first on SecurityWeek.

SecurityWeek – ​Read More

Poland arrests four in global DDoS-for-hire takedown

/in

The suspects allegedly operated six platforms that offered distributed denial-of-service attacks for as little as 10 euros.

The Record from Recorded Future News – ​Read More

Europol Shuts Down Six DDoS-for-Hire Services Used in Global Attacks

/in

Europol has announced the takedown of distributed denial of service (DDoS)-for-hire services that were used to launch thousands of cyber-attacks across the world.
In connection with the operation, Polish authorities have arrested four individuals and the United States has seized nine domains that are associated with the now-defunct platforms.
“The suspects are believed to be behind six separate

The Hacker News – ​Read More

OttoKit WordPress Plugin with 100K+ Installs Hit by Exploits Targeting Multiple Flaws

/in

A second security flaw impacting the OttoKit (formerly SureTriggers) WordPress plugin has come under active exploitation in the wild.
The vulnerability, tracked as CVE-2025-27007 (CVSS score: 9.8), is a privilege escalation bug impacting all versions of the plugin prior to and including version 1.0.82. 
“This is due to the create_wp_connection() function missing a capability check and

The Hacker News – ​Read More

Infrastructure as Code: An IaC Guide to Cloud Security

/in

IaC is powerful. It brings speed, scale, and structure to cloud infrastructure. But none of that matters if your security can’t keep up.

darkreading – ​Read More

US Sanctions Myanmar Militia Involved in Cyber Scams 

/in

The US has sanctioned Myanmar warlord Saw Chit Thu and his militia for their roles in cyber scams causing billions in losses to American victims.

The post US Sanctions Myanmar Militia Involved in Cyber Scams  appeared first on SecurityWeek.

SecurityWeek – ​Read More

Europol, Poland Bust Major DDoS-for-Hire Operation, Arrest 4

/in

Polish authorities arrest 4 behind major DDoS-for-hire sites used in global attacks. Europol, US, Germany, and Dutch forces…

Hackread – Latest Cybersecurity, Hacking News, Tech, AI & Crypto – ​Read More

SpyCloud Analysis Reveals 94% of Fortune 50 Companies Have Employee Data Exposed in Phishing Attacks

/in

Austin, USA / Texas, 7th May 2025, CyberNewsWire

Hackread – Latest Cybersecurity, Hacking News, Tech, AI & Crypto – ​Read More

Critical Langflow Vulnerability (CVE-2025-3248) Actively Exploited, Warns CISA

/in

CISA warns of active exploitation of critical Langflow vulnerability (CVE-2025-3248). Critical RCE flaw allows full server takeover. Patch…

Hackread – Latest Cybersecurity, Hacking News, Tech, AI & Crypto – ​Read More

Spyware Maker NSO Ordered to Pay $167 Million Over WhatsApp Hack

/in

Meta has won its WhatsApp hacking lawsuit against Israeli spyware company NSO Group in an “important step forward for privacy and security”.

The post Spyware Maker NSO Ordered to Pay $167 Million Over WhatsApp Hack appeared first on SecurityWeek.

SecurityWeek – ​Read More