SecurityWeek

Google Pays $100,000 in Rewards for Two Chrome Vulnerabilities

Google has released Chrome 142 to the stable channel with patches for 20 vulnerabilities, including seven high-severity flaws ...
SecurityWeek

In Other News: WhatsApp Passkey-Encrypted Backups, Russia Targets Meduza Malware, New Mastercard Solution

Several interesting Android malware families, UN cybercrime treaty, criminal complaint against Clearview AI in Europe.
SecurityWeek

Ukrainian Man Extradited From Ireland to US Over Conti Ransomware Charges

Ukrainian national who fled to Ireland following the Russian invasion has been extradited to the US to face Conti ransomware ...
SecurityWeek

Major US Telecom Backbone Firm Hacked by Nation-State Actors

Ribbon Communications, an American company that provides backbone technology for communication networks, has been targeted by ...
SecurityWeek

Chinese APT Exploits Unpatched Windows Flaw in Recent Attacks

Chinese threat actor exploiting an unpatched Windows shortcut vulnerability in fresh attacks targeting the diplomatic ...
SecurityWeek

CISA Adds Exploited XWiki, VMware Flaws to KEV Catalog

CISA expanded its Known Exploited Vulnerabilities (KEV) catalog with two security defects impacting XWiki and VMware products ...
SecurityWeek

Former US Defense Contractor Executive Admits to Selling Exploits to Russia

Peter Williams pleaded guilty in a US court to stealing exploits from a US defense contractor and selling them to a Russian ...
SecurityWeek

Chrome Zero-Day Exploitation Linked to Hacking Team Spyware

The exploitation of the first Chrome zero-day of 2025 is linked to tools used in attacks involving Hacking Team’s new Dante ...
SecurityWeek

New Attack Targets DDR5 Memory to Steal Keys From Intel and AMD TEEs

New TEE.fail attack can be used to break CPU-based security technologies from Intel and AMD by targeting DDR5 memory.
SecurityWeek

MITRE Unveils ATT&CK v18 With Updates to Detections, Mobile, ICS

MITRE has unveiled the latest version of ATT&CK, with the most significant changes in the defensive part of the framework.
SecurityWeek

Ad and PR Giant Dentsu Says Hackers Stole Merkle Data

Japan-based advertising and PR giant Dentsu has disclosed a data breach impacting systems of its subsidiary Merkle.
SecurityWeek

TurboMirai-Class ‘Aisuru’ Botnet Blamed for 20+ Tbps DDoS Attacks

Dubbed Aisuru, the botnet is part of a new class of DDoS-capable malware, referred to as TurboMirai. The threats are ...