SecurityWeek

Chinese government hackers are busily targeting water treatment plants, the electrical grid, transportation systems and other critical infrastructure inside the United States, FBI Director Chris Wray told lawmakers.

The US government neutralizes a botnet full of end-of-life Cisco and Netgear routers being by a notorious Chinese APT group.

SecurityWeek interviews Del Rodillas, Senior Director of Product Management at Palo Alto Networks, about the integration of IT and OT in the ICS threat landscape.

Researchers at Qualys call attention to a vulnerability in Linux’s GNU C Library (glibc) that allows full root access to a system.

Ivanti documents a brand-new zero-day and belatedly ships patches; Mandiant is reporting "broad exploitation activity."

Reken, an AI-defense cybersecurity startup still in stealth mode raises $10 million before revealing its product.

Over a dozen vulnerabilities discovered in Tor audit, including a high-risk flaw that can be exploited to inject arbitrary bridges. 

A leaked token provided unrestricted access to the entire source code on Mercedes-Benz’s GitHub Enterprise server.

Nathan Austad and Kamerin Stokes have been charged for hacking user accounts at fantasy sports and betting website DraftKings.

A new Israeli startup called Aim Security has raised $10 million in seed financing to help with the secure deployment of generative-AI technologies.

By turning incident response simulation into a continuous process and employing innovative tools, you can address the stringent requirements of the new SEC incident disclosure rules.

US Treasury Department announces sanctions against two Egyptian nationals accused of running an ISIS cyber platform.

Shadowserver Foundation has seen 45,000 Jenkins instances affected by CVE-2024-23897, which may already be exploited in attacks.

Officials said court and other systems in Georgia’s most populous county were hacked over the weekend.

Akamai flags six zero-day vulnerabilities in Hitron DVRs exploited to ensnare devices in the InfectedSlurs botnet.

Italian regulators told OpenAI that its ChatGPT artificial intelligence chatbot has violated GDPR.

Anyone who believes ransomware will go away doesn’t understand the nature of criminality. Extortion has and always will be a primary criminal business plan.

A massive database containing the information of 85% of the Indian population has emerged on the dark web.

A high-severity flaw in the J-Web interface of Juniper’s Junos OS could lead to arbitrary command execution, remotely.

New bipartisan, bicameral legislation aims to improve cybersecurity protections within the food and agriculture sector.