SecurityWeek

The sudden shutdown follows the sale of Skybox Security’s business and technology assets to rival Israeli cybersecurity firm Tufin. 

Seattle startup building technology to mitigate lateral movement and block “living off the land” techniques wins interest from investors.

The EU has announced new sanctions against entities aiding Russia’s war against Ukraine, including an individual who leads North Korean hackers.

Dragos has published its 2025 OT/ICS Cybersecurity Report, which provides information on the threats and trends observed in 2024. 

CISA has added CVE-2024-20953, an Oracle Agile PLM vulnerability patched in January 2024, to its KEV catalog. 

The question is whether Majorana 1 advances progress toward quantum computing – or for security professionals, the arrival of computers powerful enough to break PKE.

Rad Security has raised $14 million in Series A funding for a defense platform for AI workloads and cloud infrastructure.

OpenAI has banned ChatGPT accounts used by Chinese threat actors, including ones leveraged for the development of spying tools.

Texas automated endpoint management vendor banks $500 million infusion in Series C extensions that values the company at $5 billion. 

Australian government entities have been banned from using products and services of Russian cybersecurity company Kaspersky.

A Michigan man has been charged for buying compromised credentials on Genesis Market and using and selling them.

Companies and experts have found evidence linking the $1.5 billion Bybit cryptocurrency heist to North Korean Lazarus hackers.

Over 400,000 ETH and stETH worth more than $1.5 billion were stolen from the Bybit cryptocurrency exchange.

ESET says hundreds of freelance software developers have fallen victim to North Korean hackers posing as recruiters.

Apple says it can no longer offer end-to-end encrypted cloud backups in the UK and insists it will never build a backdoor or master key.

Cisco Talos observed Chinese hackers pivoting from a compromised device operated by one telecom to target a device in another telecom.

Noteworthy stories that might have slipped under the radar: Black Basta ransomware chat logs leaked, SEC launches new cyber unit, DOGE website hacked.

OPSWAT details two critical vulnerabilities in the Mongoose ODM library for MongoDB leading to remote code execution on the Node.js server.

A researcher dives into Chinese reports attributing cyberattacks on Northwestern Polytechnical University to the NSA’s TAO division.

CISA has added a Craft CMS flaw tracked as CVE-2025-23209 to its Known Exploited Vulnerabilities (KEV) catalog.