Security
Headlines
HeadlinesLatestCVEs

Tag

#intel

This “insidious” police tech claims to predict crime (Lock and Code S06E18)

This week on the Lock and Code podcast, we speak with Emily Galvin-Almanza about predictive policing and whether it actually improves safety.

Malwarebytes
Open in Source
#intel#auth
Zero-Day in Sitecore Exploited to Deploy WEEPSTEEL Malware

Hackers exploit a Sitecore zero-day (CVE-2025-53690) to deploy WEEPSTEEL Malware via ViewState attacks, enabling Remote Code Execution (RCE).

MostereRAT Targets Windows, Uses AnyDesk and TightVNC for Full Access

MostereRAT malware targets Windows through phishing, bypasses security with advanced tactics, and grants hackers full remote control. Cybersecurity…

Lazarus Group Deploys Malware With ClickFix Scam in Fake Job Interviews

North Korea’s Lazarus Group uses the ClickFix scam in fake crypto job interviews to deploy malware, steal data,…

⚡ Weekly Recap: Drift Breach Chaos, Zero-Days Active, Patch Warnings, Smarter Threats & More

Cybersecurity never slows down. Every week brings new threats, new vulnerabilities, and new lessons for defenders. For security and IT teams, the challenge is not just keeping up with the news—it’s knowing which risks matter most right now. That’s what this digest is here for: a clear, simple briefing to help you focus where it counts. This week, one story stands out above the rest: the

Stopping ransomware before it starts: Lessons from Cisco Talos Incident Response

Explore lessons learned from over two years of Talos IR pre-ransomware engagements, highlighting the key security measures, indicators and recommendations that have proven effective in stopping ransomware attacks before they begin.

Salesloft Drift Breach Traced to GitHub Compromise and Stolen OAuth Tokens

Salesloft Drift breach traced to GitHub compromise and stolen OAuth tokens, Mandiant confirms breach contained and Salesforce data targeted.

ICE Has Spyware Now

Plus: An AI chatbot system is linked to a widespread hack, details emerge of a US plan to plant a spy device in North Korea, your job’s security training isn’t working, and more.

GOP Cries Censorship Over Spam Filters That Work

The chairman of the Federal Trade Commission (FTC) last week sent a letter to Google's CEO demanding to know why Gmail was blocking messages from Republican senders while allegedly failing to block similar missives supporting Democrats. The letter followed media reports accusing Gmail of disproportionately flagging messages from the GOP fundraising platform WinRed and sending them to the spam folder. But according to experts who track daily spam volumes worldwide, WinRed's messages are getting blocked more because its methods of blasting email are increasingly way more spammy than that of ActBlue, the fundraising platform for Democrats.

CISA Orders Immediate Patch of Critical Sitecore Vulnerability Under Active Exploitation

Federal Civilian Executive Branch (FCEB) agencies are being advised to update their Sitecore instances by September 25, 2025, following the discovery of a security flaw that has come under active exploitation in the wild. The vulnerability, tracked as CVE-2025-53690, carries a CVSS score of 9.0 out of a maximum of 10.0, indicating critical severity. "Sitecore Experience Manager (XM), Experience