Aquabot Botnet Targeting Vulnerable Mitel Phones

The Mirai-based Aquabot botnet has been targeting a vulnerability in Mitel SIP phones for which a proof-of-concept (PoC) exploit exists.

The post Aquabot Botnet Targeting Vulnerable Mitel Phones appeared first on SecurityWeek.

SecurityWeek – ​Read More

New SLAP and FLOP CPU Attacks Expose Data From Apple Computers, Phones

New CPU side-channel attacks named SLAP and FLOP can be exploited to remotely steal data from Apple mobile and desktop devices. 

The post New SLAP and FLOP CPU Attacks Expose Data From Apple Computers, Phones appeared first on SecurityWeek.

SecurityWeek – ​Read More

AI in Cybersecurity: What’s Effective and What’s Not – Insights from 200 Experts

Curious about the buzz around AI in cybersecurity? Wonder if it’s just a shiny new toy in the tech world or a serious game changer? Let’s unpack this together in a not-to-be-missed webinar that goes beyond the hype to explore the real impact of AI on cybersecurity.
Join Ravid Circus, a seasoned pro in cybersecurity and AI, as we peel back the layers of AI in cybersecurity through a revealing

The Hacker News – ​Read More

The Trial at the Tip of the Terrorgram Iceberg

Atomwaffen Division cofounder and alleged Terrorgram Collective member Brandon Russell is facing a potential life sentence for an alleged plot on a Baltimore electrical station. His case is only the beginning.

Security Latest – ​Read More

Smiths Group Scrambling to Restore Systems Following Cyberattack

Engineering firm Smiths Group has disclosed a cyberattack that forced it to take some systems offline and activate business continuity plans.

The post Smiths Group Scrambling to Restore Systems Following Cyberattack appeared first on SecurityWeek.

SecurityWeek – ​Read More

Critical Cacti Security Flaw (CVE-2025-22604) Enables Remote Code Execution

A critical security flaw has been disclosed in the Cacti open-source network monitoring and fault management framework that could allow an authenticated attacker to achieve remote code execution on susceptible instances.
The flaw, tracked as CVE-2025-22604, carries a CVSS score of 9.1 out of a maximum of 10.0.
“Due to a flaw in the multi-line SNMP result parser, authenticated users can inject

The Hacker News – ​Read More

SimpleHelp Remote Access Software Exploited in Attacks

Threat actors have been exploiting SimpleHelp remote access software shortly after the disclosure of three vulnerabilities.

The post SimpleHelp Remote Access Software Exploited in Attacks appeared first on SecurityWeek.

SecurityWeek – ​Read More

How Interlock Ransomware Infects Healthcare Organizations

Ransomware attacks have reached an unprecedented scale in the healthcare sector, exposing vulnerabilities that put millions at risk. Recently, UnitedHealth revealed that 190 million Americans had their personal and healthcare data stolen during the Change Healthcare ransomware attack, a figure that nearly doubles the previously disclosed total. 
This breach shows just how deeply ransomware

The Hacker News – ​Read More

Frenos Raises $3.88M in Seed Funding for OT Security Assessment Platform

Frenos, a company that has developed an autonomous OT security assessment platform, has raised $3.88 million in seed funding. 

The post Frenos Raises $3.88M in Seed Funding for OT Security Assessment Platform appeared first on SecurityWeek.

SecurityWeek – ​Read More

Broadcom Warns of High-Severity SQL Injection Flaw in VMware Avi Load Balancer

Broadcom has alerted of a high-severity security flaw in VMware Avi Load Balancer that could be weaponized by malicious actors to gain entrenched database access.
The vulnerability, tracked as CVE-2025-22217 (CVSS score: 8.6), has been described as an unauthenticated blind SQL injection.
“A malicious user with network access may be able to use specially crafted SQL queries to gain database

The Hacker News – ​Read More