SecurityWeek

HPE Patches Critical Flaw in IT Infrastructure Management Software

HPE has released patches for a critical-severity OneView vulnerability that could lead to unauthenticated remote code ...
SecurityWeek

CISA Warns of Exploited Flaw in Asus Update Tool

CISA warns of attacks exploiting CVE-2025-59374, a backdoor introduced in the Asus Live Update tool in a supply chain attack.
SecurityWeek

SonicWall Patches Exploited SMA 1000 Zero-Day

Threat actors are chaining CVE-2025-40602, a fresh SonicWall zero-day, with CVE-2025-23006 for unauthenticated remote code ...
SecurityWeek

China-Linked Hackers Exploiting Zero-Day in Cisco Security Gear

The critical zero-day is tracked as CVE-2025-20393 and it impacts Secure Email Gateway and Secure Email and Web Manager ...
SecurityWeek

NMFTA Warns of Surge and Sophistication of Cyber-Enabled Cargo Theft

The National Motor Freight Traffic Association (NMFTA) has issued another warning to the logistics and transportation ...
SecurityWeek

New $150 Cellik RAT Grants Android Control, Trojanizes Google Play Apps

The Cellik Android RAT includes advanced spyware capabilities, offers remote device access, and can wrap its payload inside ...
SecurityWeek

Five Cybersecurity Predictions for 2026: Identity, AI, and the Collapse of Perimeter Thinking

Five predictions that will shape the cybersecurity landscape in 2026. Several structural shifts are becoming impossible to ...
SecurityWeek

Auto Parts Giant LKQ Confirms Oracle EBS Breach

LKQ has confirmed that it has been impacted by the recent cybercrime campaign targeting customers of the Oracle EBS solution.
SecurityWeek

GhostPoster Firefox Extensions Hide Malware in Icons

Tens of thousands of users have installed GhostPoster Firefox extensions, which rely on steganography to hide malware in ...