SecurityWeek

A Chinese-speaking threat actor tracked as Tidrone has been targeting military and satellite industries in Taiwan.

Slim CD says the personal and credit card information of 1.7 million was compromised in a ten-month-long data breach.

Poland’s security officials said they have foiled cyberattacks and online blackmail attempts by groups acting for Russian and Belarusian services.

Google’s adoption of memory safe programming languages now includes the deployment of Rust in legacy low-level firmware codebases.

Avis Car Rental is notifying roughly 300,000 individuals that their personal information was stolen in an August 2024 data breach.

A Kazakhstani and a Russian national were indicted in the US for operating dark web sites facilitating PII, card, and banking information trading.

An academic researcher has devised a new method of exfiltrating data from air-gapped systems using radio signals from memory buses.

A recently patched SonicWall vulnerability tracked as CVE-2024-40766 may have been exploited in ransomware attacks.

Recorded Future observes renewed Predator spyware activity on fresh infrastructure after a drop caused by US sanctions.

Kaspersky’s customers in the US are being acquired by cybersecurity firm Pango and will be offered UltraAV antimalware software.

The US government will remove "unnecessary degree requirements" in favor of skills-based hiring to help fill 500,000 open cybersecurity jobs.

SonicWall is warning customers that the recently patched critical vulnerability CVE-2024-40766 may be exploited in the wild.

Noteworthy stories that might have slipped under the radar: US Special Forces can hack buildings, X is hiring cybersecurity staff, and FTC warns of Bitcoin ATM scams. 

The latest Apache OFBiz update patches CVE-2024-45195, a bypass of a recently disclosed remote code execution bug exploited in attacks.

Roundup of the three dozen cybersecurity-related merger and acquisition (M&A) deals announced in August 2024.

Veeam has released patches for critical-severity vulnerabilities in Backup & Replication, ONE, and Service Provider Console.

A vulnerability in the LiteSpeed Cache WordPress plugin leads to the exposure of sensitive information, including user cookies.

Researchers and the TSA have different views on the impact of vulnerabilities in an airport security application that could allegedly allow the bypass of certain airport security systems.

A secretive Russian military unit, previously linked to assassinations and destabilization in Europe, is blamed for destructive wiper malware attacks in Ukraine.

Planned Parenthood confirms "cybersecurity incident" as RansomHub ransomware gang threatens to leak 93 Gb of data stolen from the nonprofit last week.