SecurityWeek

South American cyberespionage group Blind Eagle has infected over 1,600 organizations in Colombia in a recent campaign.

CISA has added three critical-severity flaws in Ivanti EPM to its Known Exploited Vulnerabilities catalog.

Information is coming to light on the cyberattack that caused X outages, but it should be taken with a pinch of salt.

Elon Musk claimed that the social media platform X was being targeted in a “massive cyberattack" that impacted availability.

Binance is being spoofed in an email campaign using free TRUMP Coins as a lure leading to the installation of the ConnectWise RAT.

Palo Alto Networks has shared details on several high-severity Mitsubishi Electric and Iconics SCADA vulnerabilities.

Fortra has shared an update on the effects of actions taken to reduce the abuse of Cobalt Strike by threat actors.

Davis Lu was convicted of sabotaging his employer’s systems through malicious code, and deleting encrypted data.

In 2024, Google paid out nearly $12 million in bug bounties through its revamped vulnerability reward programs.

GreyNoise warns of mass exploitation of a critical vulnerability in PHP leading to remote code execution on vulnerable servers.

Several healthcare organizations in different US states have disclosed data breaches affecting 100,000-200,000 individuals. 

Two men linked to Garantex are accused of facilitating multi-billion dollar money laundering and sanctions violations.

Noteworthy stories that might have slipped under the radar: Google discloses AMD CPU flaw named EntrySign, ISPs in the US and China targeted in massive attack, ENISA report on NIS2 Directive.

Multiple Mirai-based botnets are exploiting CVE-2025-1316, an Edimax IP camera vulnerability that allows remote command execution.

An extortion group has been sending physical mail to corporate executives, threatening to leak their data unless a ransom is paid.

Microsoft has uncovered a malvertising campaign that redirected users to information stealers hosted on GitHub.

National Presto Industries says a cyberattack has resulted in a system outage and operational disruptions.

NTT Communications Corporation has disclosed a data breach impacting the information of nearly 18,000 customer organizations.

Dozens of schools and thousands of individuals are impacted by a data breach resulting from a ransomware attack on Carruth Compliance Consulting.

Google Cloud’s AI Protection helps discover AI inventory, secure AI assets, and manage threats with detect, investigate, and respond capabilities.