SecurityWeek

The Lumma Stealer is back after Microsoft and law enforcement took action to significantly disrupt the malware’s infrastructure.

Cisco says it is aware of attempted exploitation of critical ISE vulnerabilities leading to unauthenticated remote code execution.

CISA has added two recent SysAid vulnerabilities, CVE-2025-2776 and CVE-2025-2775, to its KEV catalog.

Microsoft says the Chinese threat actors Linen Typhoon, Violet Typhoon, and Storm-2603 have been exploiting the ToolShell zero-days.

Once a manageable function, security operations has become a battlefield of complexity.

Dell confirms the compromise of a demo environment containing synthetic data after hackers leak allegedly stolen information.

Eight vulnerabilities, including ones allowing full control over a device, have been discovered and patched in Helmholz REX 100 industrial routers. 

AI-powered cybersecurity company Darktrace has acquired network traffic visibility provider Mira Security.

Dior says hackers accessed personal information in a January 2025 intrusion. No payment information was compromised.

The UK government has sanctioned three Russian APTs and 18 individuals for their involvement in cyber operations against Ukraine, NATO allies, and EU.

More details emerged on the ToolShell zero-day attacks targeting SharePoint servers, but confusion remains over the vulnerabilities.

Iranian APT MuddyWater has been using new versions of the DCHSpy Android surveillance tool since the beginning of the conflict with Israel.

Cierant Corporation and Zumpano Patricios independently disclosed data breaches, each impacting more than 200,000 individuals.

A surveillance company was caught using an SS7 bypass technique to trick wireless carriers into divulging users’ locations.

The Alcohol & Drug Testing Service (TADTS) says personal information was stolen in a July 2024 ransomware attack.

Microsoft has started releasing updates to fix the exploited SharePoint zero-days tracked as CVE-2025-53770 and CVE-2025-53771.

Hackers are exploiting a zero-day vulnerability in CrushFTP to gain administrative privileges on vulnerable servers via HTTPS.

Enterprises running SharePoint servers should not wait for a fix for CVE-2025-53770 and should commence threat hunting to search for compromise immediately.

Noteworthy stories that might have slipped under the radar: powerful US law firm hacked by China, Symantec product flaw, $10,000 Meta AI hack, cryptocurrency thieves attempting to bypass FIDO keys. 

AI-native email security firm StrongestLayer has emerged from stealth mode with $5.2 million in seed funding.