Evidence Suggests Exploitation of CitrixBleed 2 Vulnerability
The Citrix NetScaler vulnerability tracked as CitrixBleed 2 and CVE-2025-5777 may be exploited in the wild for initial access. The post Evidence Suggests Exploitation of CitrixBleed 2 Vulnerability appeared first on SecurityWeek.

Bipartisan Bill Aims to Block Chinese AI From Federal Agencies
The proposal seeks to ban all use of the technology in the U.S. government, with exceptions for use in research and counterterrorism efforts.

CISA Warns AMI BMC Vulnerability Exploited in the Wild
CISA is urging federal agencies to patch a recent AMI BMC vulnerability and a half-a-decade-old bug in FortiOS by July 17.

Central Kentucky Radiology Data Breach Impacts 167,000
The personal information of 167,000 individuals was compromised in an October 2024 data breach at Central Kentucky Radiology.

Critical Cisco ISE Vulnerabilities Allow Remote Code Execution
Two critical vulnerabilities in Cisco ISE could allow remote attackers to execute arbitrary code with root privileges.

Critical Citrix NetScaler Flaw Exploited as Zero-Day
Citrix has released patches for a critical vulnerability in NetScaler ADC and NetScaler Gateway exploited as a zero-day.

Mainline Health, Select Medical Each Disclose Data Breaches Impacting 100,000 People
Mainline Health and Select Medical Holdings have suffered data breaches that affect more than 100,000 individuals.

Motors Theme Vulnerability Exploited to Hack WordPress Websites
Threat actors are exploiting a critical-severity vulnerability in Motors theme for WordPress to change arbitrary user passwords.

FreeType Zero-Day Found by Meta Exploited in Paragon Spyware Attacks
WhatsApp told SecurityWeek that it linked the exploited FreeType vulnerability CVE-2025-27363 to a Paragon exploit.

Cloudflare Tunnels Abused in New Malware Campaign
A threat actor is abusing Cloudflare Tunnels for the delivery of a Python loader as part of a complex infection chain.

Linux Security: New Flaws Allow Root Access, CISA Warns of Old Bug Exploitation
Qualys has disclosed two Linux vulnerabilities that can be chained for full root access, and CISA added a flaw to its KEV catalog.

Circumvent Raises $6 Million for Cloud Security Platform
Cloud security startup Circumvent has raised $6 million to develop a network of agents for autonomous prioritization and remediation.

Organizations Warned of Vulnerability Exploited Against Discontinued TP-Link Routers
CISA warns that a vulnerability impacting multiple discontinued TP-Link router models is exploited in the wild.

Recent Langflow Vulnerability Exploited by Flodrix Botnet
A critical Langflow vulnerability tracked as CVE-2025-3248 has been exploited to ensnare devices in the Flodrix botnet.

In Other News: Cloudflare Outage, Cracked.io Users Identified, Victoria’s Secret Cyberattack Cost
Noteworthy stories that might have slipped under the radar: Cloudflare outage not caused by cyberattack, Dutch police identified 126 users of Cracked.io, the Victoria’s Secret cyberattack has cost $10 million.

SimpleHelp Vulnerability Exploited Against Utility Billing Software Users
CISA warns that vulnerable SimpleHelp RMM instances have been exploited against a utility billing software provider’s customers.

More information
- How fortified is your SAP against security breaches?
- LivaNova USA Discloses Data Breach Impacting 130,000 Individuals
- Microsoft Patches Exploited Power Pages Vulnerability
- Visa: North American Gas Stations Targeted in PoS Attacks
- Silk Road lieutenant Peter Nash pleads guilty
- 8 ways attackers are exploiting the COVID-19 crisis
- Why Apple’s iOS 6 privacy protection will backfire
- New $9,950 autonomous home security drone is giving off dystopian vibes
- Apple uses iOS and macOS Rapid Security Response feature for the first time
- Flaw Allows Attackers to Modify Firmware on Rockwell PLCs