Collaborate Disseminate
In December 2025, hackers stole names and passport numbers from the European travel company’s network.
The post 300,000 People Impacted by Eurail Data Breach appeared first on SecurityWeek.
Continue reading 300,000 People Impacted by Eurail Data Breach
The vulnerability requires authentication for successful exploitation, but another flaw exposes the Jolokia API without authentication.
The post RCE Bug Lurked in Apache ActiveMQ Classic for 13 Years appeared first on SecurityWeek.
Continue reading RCE Bug Lurked in Apache ActiveMQ Classic for 13 Years
The FBI received over 1 million complaints of malicious activity in 2025, with investment, BEC, and tech support scams causing the highest losses.
The post FBI: Cybercrime Losses Neared $21 Billion in 2025 appeared first on SecurityWeek.
Continue reading FBI: Cybercrime Losses Neared $21 Billion in 2025
Focused on persistence, the botnet does not engage in widespread infection and avoids blacklisted IPs and critical infrastructure entities.
The post Evasive Masjesu DDoS Botnet Targets IoT Devices appeared first on SecurityWeek.
Continue reading Evasive Masjesu DDoS Botnet Targets IoT Devices
The vulnerability allows hackers to upload arbitrary files to a site’s server and achieve remote code execution.
The post Hackers Targeting Ninja Forms Vulnerability That Exposes WordPress Sites to Takeover appeared first on SecurityWeek.
Continue reading Hackers Targeting Ninja Forms Vulnerability That Exposes WordPress Sites to Takeover
The startup has created a layered security solution aiming to secure AI agents throughout their entire lifecycle.
The post Trent AI Emerges From Stealth With $13 Million in Funding appeared first on SecurityWeek.
Continue reading Trent AI Emerges From Stealth With $13 Million in Funding
The improper validation of user-supplied JavaScript code allows attackers to execute arbitrary code and access the file system.
The post Critical Flowise Vulnerability in Attacker Crosshairs appeared first on SecurityWeek.
Continue reading Critical Flowise Vulnerability in Attacker Crosshairs
By targeting Grafana’s AI components, attackers can point to external resources and inject indirect prompts to bypass safeguards.
The post GrafanaGhost: Attackers Can Abuse Grafana to Leak Enterprise Data appeared first on SecurityWeek.
Continue reading GrafanaGhost: Attackers Can Abuse Grafana to Leak Enterprise Data
The group is using zero-days, quickly weaponizes fresh bugs, and exfiltrates and encrypts data within days of initial access.
The post Medusa Ransomware Fast to Exploit Vulnerabilities, Breached Systems appeared first on SecurityWeek.
Continue reading Medusa Ransomware Fast to Exploit Vulnerabilities, Breached Systems
Shchukin is accused of extorting more than $2 million as the head of the GandCrab and REvil ransomware operations.
The post German Police Unmask REvil Ransomware Leader appeared first on SecurityWeek.
Continue reading German Police Unmask REvil Ransomware Leader