SecurityWeek

Exploitation has been known for months or years for most of the latest vulnerabilities added by CISA to its KEV catalog.

The CISA public clarification follows news the Trump administration is temporarily pausing offensive cyber operations against Moscow.

Amazon claims its researchers have combined cat qubit technology and additional quantum error correction components onto a microchip that can be manufactured in a scalable fashion.

Ransomware defense startup Mimic has raised $50 million in a Series A funding round led by Google Ventures and Menlo Ventures.

The US government has seized roughly $31 million in cryptocurrency stolen in 2021 from Uranium Finance.

Cybersecurity-related merger and acquisition (M&A) deals announced in February 2025. 

Ransomware operators exploit a vulnerable Paragon driver in BYOVD attacks to elevate privileges to System.

Angel One says client information was compromised in a data breach involving its AWS account.

A massive hoard of internal chats has been leaked from Black Basta, rivalling the Conti leaks of late February 2022.

Amnesty International publishes technical details on zero-day vulnerabilities exploited by Cellebrite’s mobile forensic tools to spy on a Serbian student activist.

The Director of National Intelligence said such a demand would violate Americans’ rights and raise concerns about a foreign government pressuring a U.S.-based technology company.

Noteworthy stories that might have slipped under the radar: Krispy Kreme data breach costs $11M, Pwn2Own moves to Berlin, the story of the 2024 Disney hack.

The Qilin ransomware gang claims to have stolen 350 Gb of files from Lee Enterprises in the attack that caused newspaper disruptions.

The Vo1d botnet is now powered by 1.6 million Android TV devices, up from 1.3 million half a year ago. 

In a lawsuit targeting cybercriminals who abuse AI services, Microsoft has named individuals from Iran, the UK, China and Vietnam.

CrowdStrike has published its 2025 Global
Threat Report, which warns of faster breakout time and an increase in Chinese activity. 

A Singaporean man accused of being a hacker responsible for over 90 data leaks has been arrested in Thailand. 

SecurityWeek's 2025 Ransomware Resilience & Recovery Summit tool place on February 26th as a fully immersive virtual event.

The current state of regulation and the overwhelming burden it brings to most enterprises is a discussion worth having

XSS vulnerability allowed a threat actor to redirect users to arbitrary domains.