SecurityWeek Cybersecurity News, Insights & Analysis
- In Other News: Apple Improving Malware Detection, Cybersecurity Funding, Cyber Command Chief Firedby SecurityWeek News on April 4, 2025 at 2:30 pm
Noteworthy stories that might have slipped under the radar: Apple adding TCC events to Endpoint Security, cybersecurity funding report for Q1 2025, Trump fires the head of NSA and Cyber Command. The post In Other News: Apple Improving Malware Detection, Cybersecurity Funding, Cyber Command Chief Fired appeared first on SecurityWeek.
- State Bar of Texas Says Personal Information Stolen in Ransomware Attackby Ionut Arghire on April 4, 2025 at 12:44 pm
The State Bar of Texas is notifying thousands of individuals that their personal information was stolen in a February ransomware attack. The post State Bar of Texas Says Personal Information Stolen in Ransomware Attack appeared first on SecurityWeek.
- US, Allies Warn of Threat Actors Using ‘Fast Flux’ to Hide Server Locationsby Ionut Arghire on April 4, 2025 at 12:09 pm
US and allied countries warn of threat actors using the “fast flux” technique to change DNS records and hide malicious servers’ locations. The post US, Allies Warn of Threat Actors Using ‘Fast Flux’ to Hide Server Locations appeared first on SecurityWeek.
- Oracle Confirms Cloud Hackby Eduard Kovacs on April 4, 2025 at 10:30 am
Oracle has confirmed suffering a data breach but the tech giant is apparently trying to downplay the impact of the incident. The post Oracle Confirms Cloud Hack appeared first on SecurityWeek.
- Critical Apache Parquet Vulnerability Leads to Remote Code Executionby Ionut Arghire on April 4, 2025 at 10:10 am
A critical vulnerability in Apache Parquet can be exploited to execute arbitrary code remotely, leading to complete system compromise. The post Critical Apache Parquet Vulnerability Leads to Remote Code Execution appeared first on SecurityWeek.
- Compromised SpotBugs Token Led to GitHub Actions Supply Chain Hackby Ionut Arghire on April 4, 2025 at 9:48 am
Evidence shows a SpotBugs token compromised in December 2024 was used in the March 2025 GitHub Actions supply chain attack. The post Compromised SpotBugs Token Led to GitHub Actions Supply Chain Hack appeared first on SecurityWeek.
- Chinese APT Pounces on Misdiagnosed RCE in Ivanti VPN Appliances by Ryan Naraine on April 3, 2025 at 5:07 pm
Ivanti misdiagnoses a remote code execution vulnerability and Mandiant reports that Chinese hackers are launching in-the-wild exploits. The post Chinese APT Pounces on Misdiagnosed RCE in Ivanti VPN Appliances appeared first on SecurityWeek.
- Halo ITSM Vulnerability Exposed Organizations to Remote Hackingby Eduard Kovacs on April 3, 2025 at 3:45 pm
An unauthenticated SQL injection vulnerability in Halo ITSM could have been exploited to read, modify, or insert data. The post Halo ITSM Vulnerability Exposed Organizations to Remote Hacking appeared first on SecurityWeek.
- Hunters International Ransomware Gang Rebranding, Shifting Focusby Ionut Arghire on April 3, 2025 at 1:02 pm
The notorious cybercrime group Hunters International is dropping ransomware to focus on data theft and extortion. The post Hunters International Ransomware Gang Rebranding, Shifting Focus appeared first on SecurityWeek.
- Cybersecurity M&A Roundup: 23 Deals Announced in March 2025by Eduard Kovacs on April 3, 2025 at 12:00 pm
Less than two dozen cybersecurity merger and acquisition (M&A) deals were announced in March 2025. The post Cybersecurity M&A Roundup: 23 Deals Announced in March 2025 appeared first on SecurityWeek.
