News

SecurityWeek19h
AI Hallucinations Create a New Software Supply Chain Threat
AI-generated code tools are creating fake package names—opening the door to ‘slopsquatting’ attacks and pose a growing supply ...
SecurityWeek16h
Trend Micro Flags Incomplete Nvidia Patch That Leaves AI Containers Exposed
Trend Micro researchers flagging problems with Nvidia’s patch for a critical, code execution vulnerability in the Nvidia ...
SecurityWeek19h
Threat Actor Allegedly Selling Fortinet Firewall Zero-Day Exploit
A threat actor claims to offer a zero-day exploit for an unauthenticated remote code execution vulnerability in Fortinet ...
SecurityWeek16h
Huntress Documents In-The-Wild Exploitation of Critical Gladinet Vulnerabilities
The flaw, tagged as CVE-2025-30406, was added to CISA’s Known Exploited Vulnerabilities (KEV) catalog in early April.
SecurityWeek23h
Malicious NPM Packages Target Cryptocurrency, PayPal Users
Threat actors have been publishing malicious NPM packages to steal the information and funds of PayPal and cryptocurrency wallet users.
SecurityWeek20h
New ‘ResolverRAT’ Targeting Healthcare, Pharmaceutical Organizations
Organizations in the healthcare and pharmaceutical sectors have been targeted with ResolverRAT, a new malware family with advanced capabilities.
SecurityWeek4d
Study Identifies 20 Most Vulnerable Connected Devices of 2025
Routers are the riskiest devices in enterprise networks as they contain the most critical vulnerabilities, a new Forescout ...
SecurityWeek5d
Groucho’s Wit, Cloud Complexity, and the Case for Consistent Security Policy
Those are my principles, and if you don’t like them…well, I have others.” Although the humor in this quote is obvious, the ...
SecurityWeek4d
Trump Revokes Security Clearance for Ex-CISA Director Chris Krebs
Trump orders a termination of any active security clearances held by Krebs and a suspension of clearances held by individuals ...
SecurityWeek6d
Microsoft Patches 125 Windows Vulns, Including Exploited CLFS Zero-Day
“In addition to discovering the vulnerability, Microsoft also found that the exploit has been deployed by PipeMagic malware.
SecurityWeek3d
Rising Tides: Bryson Bort on Cyber Entrepreneurship and the Needed Focus on Critical Infrastructure
Interview with Bryson Bort, CEO/Founder of SCYTHE and co-founder of ICS Village, a non-profit building awareness for critical ...
SecurityWeek3d
Rapid7 Reveals RCE Path in Ivanti VPN Appliance After Silent Patch Debacle
The CVE-2025-22457 has already been exploited by a China-nexus hacking gang notorious for breaking into edge network devices.