Collaborate Disseminate
A state-sponsored threat actor manipulated Claude Code to execute cyberattacks on roughly 30 organizations worldwide.
The post Anthropic Says Claude AI Powered 90% of Chinese Espionage Campaign appeared first on SecurityWeek.
Continue reading Anthropic Says Claude AI Powered 90% of Chinese Espionage Campaign
Federal agencies have reported as ‘patched’ ASA or FTD devices running software versions vulnerable to attacks.
The post CISA Updates Guidance on Patching Cisco Devices Targeted in China-Linked Attacks appeared first on SecurityWeek.
Continue reading CISA Updates Guidance on Patching Cisco Devices Targeted in China-Linked Attacks
The spam campaign is likely orchestrated by an Indonesian threat actor, based on code comments and the packages’ random names.
The post Tens of Thousands of Malicious NPM Packages Distribute Self-Replicating Worm appeared first on SecurityWeek.
Continue reading Tens of Thousands of Malicious NPM Packages Distribute Self-Replicating Worm
Tracked as CVE-2025-9242 (CVSS score of 9.3), the flaw leads to unauthenticated, remote code execution on vulnerable firewalls.
The post Critical WatchGuard Firebox Vulnerability Exploited in Attacks appeared first on SecurityWeek.
Continue reading Critical WatchGuard Firebox Vulnerability Exploited in Attacks
The ransomware attack on the pathology services provider disrupted operations at several London hospitals.
The post Synnovis Confirms Patient Information Stolen in Disruptive Ransomware Attack appeared first on SecurityWeek.
Continue reading Synnovis Confirms Patient Information Stolen in Disruptive Ransomware Attack
Amazon has seen a threat actor exploiting CVE-2025-20337 and CVE-2025-5777, two critical Cisco and Citrix vulnerabilities, as zero-days.
The post Cisco ISE, CitrixBleed 2 Vulnerabilities Exploited as Zero-Days: Amazon appeared first on SecurityWeek.
Continue reading Cisco ISE, CitrixBleed 2 Vulnerabilities Exploited as Zero-Days: Amazon
Google and Mozilla have released fresh Chrome and Firefox updates that address multiple high-severity security defects.
The post Firefox 145 and Chrome 142 Patch High-Severity Flaws in Latest Releases appeared first on SecurityWeek.
Continue reading Firefox 145 and Chrome 142 Patch High-Severity Flaws in Latest Releases
The cybersecurity startup will use the investment to accelerate global expansion and product innovation.
The post Sweet Security Raises $75 Million for Cloud and AI Security appeared first on SecurityWeek.
Continue reading Sweet Security Raises $75 Million for Cloud and AI Security
Ivanti and Zoom resolved security defects that could lead to arbitrary file writes, elevation of privilege, code execution, and information disclosure.
The post High-Severity Vulnerabilities Patched by Ivanti and Zoom appeared first on SecurityWeek.
Continue reading High-Severity Vulnerabilities Patched by Ivanti and Zoom
Researchers submitted 107 bug reports during the bugSWAT hacking event at the ESCAL8 conference in New Mexico.
The post Google Paid Out $458,000 at Live Hacking Event appeared first on SecurityWeek.
Continue reading Google Paid Out $458,000 at Live Hacking Event