Victoria’s Secret Website Taken Offline After Cyberattack

/in

Website remains offline following suspected cyber incident, as experts warn of escalating threats targeting major retailers

The post Victoria’s Secret Website Taken Offline After Cyberattack appeared first on SecurityWeek.

SecurityWeek – ​Read More

Adidas Data Breach Linked to Third-Party Vendor

/in

Adidas said hackers accessed a “third-party customer service provider” and stole customer information.

The post Adidas Data Breach Linked to Third-Party Vendor appeared first on SecurityWeek.

SecurityWeek – ​Read More

Webinar Today: Why Context is a Secret Weapon in Application Security Posture Management

/in

Join the live webinar to understand why data in itself is not enough to make informed decisions for prioritization.

The post Webinar Today: Why Context is a Secret Weapon in Application Security Posture Management appeared first on SecurityWeek.

SecurityWeek – ​Read More

The US Is Storing Migrant Children’s DNA in a Criminal Database

/in

Customs and Border Protection has swabbed the DNA of migrant children as young as 4, whose genetic data is uploaded to an FBI-run database that can track them if they commit crimes in the future.

Security Latest – ​Read More

‘Haozi’ Gang Sells Turnkey Phishing Tools to Amateurs

/in

The phishing operation is using Telegram groups to sell a phishing-as-a-service kit with customer service, a mascot, and infrastructure that requires little technical knowledge to install.

darkreading – ​Read More

Beyond GenAI: Why Agentic AI Was the Real Conversation at RSA 2025

/in

Agentic AI can be a great tool for many of the ‘gray area’ tasks that SOC analysts undertake.

The post Beyond GenAI: Why Agentic AI Was the Real Conversation at RSA 2025 appeared first on SecurityWeek.

SecurityWeek – ​Read More

Chinese APT41 Exploits Google Calendar for Malware Command-and-Control Operations

/in

Google on Wednesday disclosed that the Chinese state-sponsored threat actor known as APT41 leveraged a malware called TOUGHPROGRESS that uses Google Calendar for command-and-control (C2).
The tech giant, which discovered the activity in late October 2024, said the malware was hosted on a compromised government website and was used to target multiple other government entities.
“Misuse of cloud

The Hacker News – ​Read More

Over 100,000 WordPress Sites at Risk from Critical CVSS 10.0 Vulnerability in Wishlist Plugin

/in

Cybersecurity researchers have disclosed a critical unpatched security flaw impacting TI WooCommerce Wishlist plugin for WordPress that could be exploited by unauthenticated attackers to upload arbitrary files.
TI WooCommerce Wishlist, which has over 100,000 active installations, is a tool to allow e-commerce site customers to save their favorite products for later and share the lists on social

The Hacker News – ​Read More

DanaBot takedown shows how agentic AI cut months of SOC analysis to weeks

/in

Agentic AI: Empowering SOC Analysts to Decisively Defeat Cyber Threats

Agentic AI played a decisive role in dismantling DanaBot, a Russian malware platform responsible for more than 50 million dollars in damages.Read More

Security News | VentureBeat – ​Read More

OneDrive File Picker Flaw Gives Apps Full Access to User Drives

/in

A recent investigation by cybersecurity researchers at Oasis Security has revealed a data overreach in how Microsoft’s OneDrive…

Hackread – Latest Cybersecurity, Hacking News, Tech, AI & Crypto – ​Read More