Browser Security Firm SquareX Raises $20 Million
Fri, 25 Apr 2025 21:40:15 +0000
SquareX offers what it has dubbed a “Browser Detection and Response (BDR)” solution.
The post Browser Security Firm SquareX Raises $20 Million appeared first on SecurityWeek.
https://www.securityweek.com/browser-security-firm-squarex-raises-20-million/
North Korean Hackers Spread Malware via Fake Crypto Firms and Job Interview Lures
Fri, 25 Apr 2025 19:35:00 +0530
North Korea-linked threat actors behind the Contagious Interview have set up front companies as a way to distribute malware during the fake hiring process.
“In this new campaign, the threat actor group is using three front companies in the cryptocurrency consulting industry—BlockNovas LLC (blocknovas[.] com), Angeloper Agency (angeloper[.]com), and SoftGlide LLC (softglide[.]co)—to spread
https://thehackernews.com/2025/04/north-korean-hackers-spread-malware-via.html
Former Google Cloud CISO Phil Venables Joins Ballistic Ventures
Fri, 25 Apr 2025 14:03:18 +0000
Venables has served as CISO and security executive across several large organizations, including Google Cloud, Goldman Sachs, Deutsche Bank.
The post Former Google Cloud CISO Phil Venables Joins Ballistic Ventures appeared first on SecurityWeek.
https://www.securityweek.com/former-google-cloud-ciso-phil-venables-joins-ballistic-ventures/
Lattica Emerges From Stealth With FHE Platform for AI
Fri, 25 Apr 2025 13:30:47 +0000
Lattica has raised $3.25 million in pre-seed funding for a platform that uses FHE to enable AI models to process encrypted data.
The post Lattica Emerges From Stealth With FHE Platform for AI appeared first on SecurityWeek.
https://www.securityweek.com/lattica-emerges-from-stealth-with-fhe-platform-for-ai/
M-Trends 2025: State-Sponsored IT Workers Emerge as Global Threat
Fri, 25 Apr 2025 13:29:45 +0000
Mandiant’s latest threat report shows how attackers adapt faster than defenses, shifting strategies toward credential theft and insider threats.
The post M-Trends 2025: State-Sponsored IT Workers Emerge as Global Threat appeared first on SecurityWeek.
https://www.securityweek.com/m-trends-2025-state-sponsored-it-workers-emerge-as-new-global-threat/
Inside the Verizon 2025 DBIR: Five Trends That Signal a Shift in the Cyber Threat Economy
Fri, 25 Apr 2025 12:43:37 +0000
With over 12,000 breaches analyzed, this year’s DBIR reveals a landscape shaped by not just individual threats, but by entire economies of compromise.
The post Inside the Verizon 2025 DBIR: Five Trends That Signal a Shift in the Cyber Threat Economy appeared first on SecurityWeek.
https://www.securityweek.com/inside-the-verizon-2025-dbir-five-trends-that-signal-a-shift-in-the-cyber-threat-economy/
Scamnetic Raises $13 Million to Prevent Scams in Real Time
Fri, 25 Apr 2025 12:30:00 +0000
AI-powered threat protection startup Scamnetic has raised $13 million in a Series A funding round led by Roo Capital.
The post Scamnetic Raises $13 Million to Prevent Scams in Real Time appeared first on SecurityWeek.
https://www.securityweek.com/scamnetic-raises-13-million-to-prevent-scams-in-real-time/
Manifest Raises $15 Million for SBOM Management Platform
Fri, 25 Apr 2025 12:06:57 +0000
Software and AI supply chain transparency firm Manifest has raised $15 million in a Series A funding round led by Ensemble VC.
The post Manifest Raises $15 Million for SBOM Management Platform appeared first on SecurityWeek.
https://www.securityweek.com/manifest-raises-15-million-for-sbom-management-platform/
In Other News: Prison for Disney Hacker, MITRE ATT&CK v17, Massive DDoS Botnet
Fri, 25 Apr 2025 11:59:57 +0000
Noteworthy stories that might have slipped under the radar: former Disney employee sent to prison for hacking, MITRE releases ATT&CK v17, DDoS botnet powered by 1.3 million devices.
The post In Other News: Prison for Disney Hacker, MITRE ATT&CK v17, Massive DDoS Botnet appeared first on SecurityWeek.
https://www.securityweek.com/in-other-news-prison-for-disney-hacker-mitre-attck-v17-massive-ddos-botnet/
South Korean Companies Targeted by Lazarus via Watering Hole Attacks, Zero-Days
Fri, 25 Apr 2025 11:24:14 +0000
Multiple South Korean organizations across industries have been targeted in a recent Lazarus campaign dubbed Operation SyncHole.
The post South Korean Companies Targeted by Lazarus via Watering Hole Attacks, Zero-Days appeared first on SecurityWeek.
https://www.securityweek.com/south-korean-companies-targeted-by-lazarus-via-watering-hole-attacks-zero-days/
RSA Conference 2025 – Pre-Event Announcements Summary (Part 2)
Fri, 25 Apr 2025 11:00:00 +0000
Hundreds of companies are showcasing their products and services next week at the 2025 edition of the RSA Conference in San Francisco.
The post RSA Conference 2025 – Pre-Event Announcements Summary (Part 2) appeared first on SecurityWeek.
https://www.securityweek.com/rsa-conference-2025-pre-event-announcements-summary-part-2/
New Critical SAP NetWeaver Flaw Exploited to Drop Web Shell, Brute Ratel Framework
Fri, 25 Apr 2025 16:11:00 +0530
Threat actors are likely exploiting a new vulnerability in SAP NetWeaver to upload JSP web shells with the goal of facilitating unauthorized file uploads and code execution.
“The exploitation is likely tied to either a previously disclosed vulnerability like CVE-2017-9844 or an unreported remote file inclusion (RFI) issue,” ReliaQuest said in a report published this week.
The cybersecurity
https://thehackernews.com/2025/04/sap-confirms-critical-netweaver-flaw.html
Why NHIs Are Security’s Most Dangerous Blind Spot
Fri, 25 Apr 2025 16:00:00 +0530
When we talk about identity in cybersecurity, most people think of usernames, passwords, and the occasional MFA prompt. But lurking beneath the surface is a growing threat that does not involve human credentials at all, as we witness the exponential growth of Non-Human Identities (NHIs).
At the top of mind when NHIs are mentioned, most security teams immediately think of Service Accounts.
https://thehackernews.com/2025/04/why-nhis-are-securitys-most-dangerous.html
Researchers Identify Rack::Static Vulnerability Enabling Data Breaches in Ruby Servers
Fri, 25 Apr 2025 14:27:00 +0530
Cybersecurity researchers have disclosed three security flaws in the Rack Ruby web server interface that, if successfully exploited, could enable attackers to gain unauthorized access to files, inject malicious data, and tamper with logs under certain conditions.
The vulnerabilities, flagged by cybersecurity vendor OPSWAT, are listed below –
CVE-2025-27610 (CVSS score: 7.5) – A path traversal
https://thehackernews.com/2025/04/researchers-identify-rackstatic.html
DslogdRAT Malware Deployed via Ivanti ICS Zero-Day CVE-2025-0282 in Japan Attacks
Fri, 25 Apr 2025 14:13:00 +0530
Cybersecurity researchers are warning about a new malware called DslogdRAT that’s installed following the exploitation of a now-patched security flaw in Ivanti Connect Secure (ICS).
The malware, along with a web shell, were “installed by exploiting a zero-day vulnerability at that time, CVE-2025-0282, during attacks against organizations in Japan around December 2024,” JPCERT/CC researcher Yuma
https://thehackernews.com/2025/04/dslogdrat-malware-deployed-via-ivanti.html
Lazarus Hits 6 South Korean Firms via Cross EX, Innorix Flaws and ThreatNeedle Malware
Thu, 24 Apr 2025 19:41:00 +0530
At least six organizations in South Korea have been targeted by the prolific North Korea-linked Lazarus Group as part of a campaign dubbed Operation SyncHole.
The activity targeted South Korea’s software, IT, financial, semiconductor manufacturing, and telecommunications industries, according to a report from Kaspersky published today. The earliest evidence of compromise was first detected in
https://thehackernews.com/2025/04/lazarus-hits-6-south-korean-firms-via.html
Linux io_uring PoC Rootkit Bypasses System Call-Based Threat Detection Tools
Thu, 24 Apr 2025 18:28:00 +0530
Cybersecurity researchers have demonstrated a proof-of-concept (PoC) rootkit dubbed Curing that leverages a Linux asynchronous I/O mechanism called io_uring to bypass traditional system call monitoring.
This causes a “major blind spot in Linux runtime security tools,” ARMO said.
“This mechanism allows a user application to perform various actions without using system calls,” the company said in
https://thehackernews.com/2025/04/linux-iouring-poc-rootkit-bypasses.html
Automating Zero Trust in Healthcare: From Risk Scoring to Dynamic Policy Enforcement Without Network Redesign
Thu, 24 Apr 2025 18:26:00 +0530
The Evolving Healthcare Cybersecurity Landscape
Healthcare organizations face unprecedented cybersecurity challenges in 2025. With operational technology (OT) environments increasingly targeted and the convergence of IT and medical systems creating an expanded attack surface, traditional security approaches are proving inadequate. According to recent statistics, the healthcare sector
https://thehackernews.com/2025/04/automating-zero-trust-in-healthcare.html
159 CVEs Exploited in Q1 2025 — 28.3% Within 24 Hours of Disclosure
Thu, 24 Apr 2025 18:25:00 +0530
As many as 159 CVE identifiers have been flagged as exploited in the wild in the first quarter of 2025, up from 151 in Q4 2024.
“We continue to see vulnerabilities being exploited at a fast pace with 28.3% of vulnerabilities being exploited within 1-day of their CVE disclosure,” VulnCheck said in a report shared with The Hacker News.
This translates to 45 security flaws that have been weaponized
https://thehackernews.com/2025/04/159-cves-exploited-in-q1-2025-283.html
Darcula Adds GenAI to Phishing Toolkit, Lowering the Barrier for Cybercriminals
Thu, 24 Apr 2025 16:57:00 +0530
The threat actors behind the Darcula phishing-as-a-service (PhaaS) platform have released new updates to their cybercrime suite with generative artificial intelligence (GenAI) capabilities.
“This addition lowers the technical barrier for creating phishing pages, enabling less tech-savvy criminals to deploy customized scams in minutes,” Netcraft said in a fresh report shared with The Hacker News.
https://thehackernews.com/2025/04/darcula-adds-genai-to-phishing-toolkit.html