Collaborate Disseminate
Poland’s CERT has published a report on the recent attack, providing new details on targeted ICS and attribution.
The post Default ICS Credentials Exploited in Destructive Attack on Polish Energy Facilities appeared first on SecurityWeek.
Continue reading Default ICS Credentials Exploited in Destructive Attack on Polish Energy Facilities
The likely state-sponsored threat actor had access to the hosting provider for months and targeted only certain Notepad++ customers.
The post Notepad++ Supply Chain Hack Conducted by China via Hosting Provider appeared first on SecurityWeek.
Continue reading Notepad++ Supply Chain Hack Conducted by China via Hosting Provider
Two Biden-era memorandums have been revoked, but some of the resources they provide can still be used by government organizations.
The post White House Scraps ‘Burdensome’ Software Security Rules appeared first on SecurityWeek.
Continue reading White House Scraps ‘Burdensome’ Software Security Rules
Sandworm/Electrum hackers targeted communication and control systems at 30 sites.
The post ICS Devices Bricked Following Russia-Linked Intrusion Into Polish Power Grid appeared first on SecurityWeek.
Continue reading ICS Devices Bricked Following Russia-Linked Intrusion Into Polish Power Grid
The announcement comes just weeks after Palo Alto Networks and Google Cloud announced a multibillion-dollar AI and cloud security deal.
The post PwC and Google Cloud Ink $400 Million Deal to Scale AI-Powered Defense appeared first on SecurityWeek.
Continue reading PwC and Google Cloud Ink $400 Million Deal to Scale AI-Powered Defense
A total of 87 individuals, mostly Venezuelan nationals, have been charged for their role in the ATM jackpotting scheme.
The post US Charges 31 More Defendants in Massive ATM Hacking Probe appeared first on SecurityWeek.
Continue reading US Charges 31 More Defendants in Massive ATM Hacking Probe
Indurex was founded by Jalal Bouhdada, who previously led industrial cybersecurity company Applied Risk.
The post Indurex Emerges From Stealth to Close Security Gap in Cyber-Physical Systems appeared first on SecurityWeek.
Continue reading Indurex Emerges From Stealth to Close Security Gap in Cyber-Physical Systems
A total of 12 vulnerabilities have been fixed in OpenSSL, all discovered by a single cybersecurity firm.
The post High-Severity Remote Code Execution Vulnerability Patched in OpenSSL appeared first on SecurityWeek.
Continue reading High-Severity Remote Code Execution Vulnerability Patched in OpenSSL
Domains set up by the threat actor suggest attacks aimed at Atlassian, Canva, Epic Games, HubSpot, Moderna, ZoomInfo, and WeWork.
The post Over 100 Organizations Targeted in ShinyHunters Phishing Campaign appeared first on SecurityWeek.
Continue reading Over 100 Organizations Targeted in ShinyHunters Phishing Campaign
The vulnerability is tracked as CVE-2026-21509 and it can be exploited to bypass security features.
The post Microsoft Patches Office Zero-Day Likely Exploited in Targeted Attacks appeared first on SecurityWeek.
Continue reading Microsoft Patches Office Zero-Day Likely Exploited in Targeted Attacks