Vulnerabilities

Google Paid Out $12 Million via Bug Bounty Programs in 2024

Google Paid Out $12 Million via Bug Bounty Programs in 2024 2025-03-10 at 14:18 By Ionut Arghire In 2024, Google paid out nearly $12 million in bug bounties through its revamped vulnerability reward programs. The post Google Paid Out $12 Million via Bug Bounty Programs in 2024 appeared first on SecurityWeek. This article is an […]

Google Paid Out $12 Million via Bug Bounty Programs in 2024 Read More »

In Other News: EntrySign AMD Flaw, Massive Attack Targets ISPs, ENISA Report

In Other News: EntrySign AMD Flaw, Massive Attack Targets ISPs, ENISA Report 2025-03-07 at 19:02 By SecurityWeek News Noteworthy stories that might have slipped under the radar: Google discloses AMD CPU flaw named EntrySign, ISPs in the US and China targeted in massive attack, ENISA report on NIS2 Directive. The post In Other News: EntrySign

In Other News: EntrySign AMD Flaw, Massive Attack Targets ISPs, ENISA Report Read More »

Russian State Actors: Development in Group Attributions

Russian State Actors: Development in Group Attributions 2025-03-07 at 16:33 By Pawel Knapczyk and Nikita Kazymirskyi This is the final installment of Trustwave SpiderLabs Russia-Ukraine digital battlefield series, which has spanned topics including the differences between Russia and Ukraine cyber actors, how government entities, defense organizations, and human targets were caught in the cyber crossfire,

Russian State Actors: Development in Group Attributions Read More »

A Deep Dive into Strela Stealer and how it Targets European Countries

A Deep Dive into Strela Stealer and how it Targets European Countries 2025-03-07 at 00:01 By Dawid Nesterowicz Infostealers have dominated the malware landscape due to the ease of threat operations maintenance, and a wide group of potential victims. In this blog, we take a closer look at a unique infostealer designed to precisely target

A Deep Dive into Strela Stealer and how it Targets European Countries Read More »

Defending Manufacturing: How Cybercriminals Are Targeting the Industry and How to Respond

Defending Manufacturing: How Cybercriminals Are Targeting the Industry and How to Respond 2025-03-06 at 19:34 By Cyber Threats in Manufacturing: The 2025 Trustwave Risk Radar Report highlights how cybercriminals exploit vulnerabilities in manufacturing infrastructure, workers, and digital supply chains, with over 3,500 critical vulnerabilities listed on CISA’s KEV list. Top Manufacturing Cyber Risks: Attackers leverage high-profile exploits

Defending Manufacturing: How Cybercriminals Are Targeting the Industry and How to Respond Read More »

Exploited VMware ESXi Flaws Put Many at Risk of Ransomware, Other Attacks

Exploited VMware ESXi Flaws Put Many at Risk of Ransomware, Other Attacks 2025-03-06 at 12:03 By Eduard Kovacs Scans show that tens of thousands of VMware ESXi instances are affected by CVE-2025-22224 and other vulnerabilities disclosed recently as zero-days. The post Exploited VMware ESXi Flaws Put Many at Risk of Ransomware, Other Attacks appeared first

Exploited VMware ESXi Flaws Put Many at Risk of Ransomware, Other Attacks Read More »

The Russia-Ukraine Cyber War Part 3: Attacks on Telecom and Critical Infrastructure

The Russia-Ukraine Cyber War Part 3: Attacks on Telecom and Critical Infrastructure 2025-03-05 at 16:08 By Pawel Knapczyk and Nikita Kazymirskyi This post is the third part of our blog series that tackles the Russia-Ukraine war in the digital realm. This article is an excerpt from SpiderLabs Blog View Original Source

The Russia-Ukraine Cyber War Part 3: Attacks on Telecom and Critical Infrastructure Read More »

Chrome 134, Firefox 136 Patch High-Severity Vulnerabilities

Chrome 134, Firefox 136 Patch High-Severity Vulnerabilities 2025-03-05 at 13:15 By Ionut Arghire Chrome 134 and Firefox 136 are rolling out across desktop and mobile with patches for multiple high-severity vulnerabilities. The post Chrome 134, Firefox 136 Patch High-Severity Vulnerabilities appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source

Chrome 134, Firefox 136 Patch High-Severity Vulnerabilities Read More »

Vulnerabilities Patched in Qualcomm, Mediatek Chipsets

Vulnerabilities Patched in Qualcomm, Mediatek Chipsets 2025-03-04 at 14:54 By Ionut Arghire Chip makers Qualcomm and Mediatek have released patches for many vulnerabilities across their products. The post Vulnerabilities Patched in Qualcomm, Mediatek Chipsets appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source

Vulnerabilities Patched in Qualcomm, Mediatek Chipsets Read More »

Broadcom Patches 3 VMware Zero-Days Exploited in the Wild

Broadcom Patches 3 VMware Zero-Days Exploited in the Wild 2025-03-04 at 14:22 By Eduard Kovacs Broadcom patched VMware zero-days CVE-2025-22224, CVE-2025-22225 and CVE-2025-22226 after Microsoft warned it of exploitation. The post Broadcom Patches 3 VMware Zero-Days Exploited in the Wild appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source

Broadcom Patches 3 VMware Zero-Days Exploited in the Wild Read More »

Google Patches Pair of Exploited Vulnerabilities in Android

Google Patches Pair of Exploited Vulnerabilities in Android 2025-03-04 at 13:52 By Ionut Arghire Android’s March 2025 security update addresses over 40 vulnerabilities, including two actively exploited in the wild. The post Google Patches Pair of Exploited Vulnerabilities in Android appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source

Google Patches Pair of Exploited Vulnerabilities in Android Read More »

Exploitation Long Known for Most of CISA’s Latest KEV Additions

Exploitation Long Known for Most of CISA’s Latest KEV Additions 2025-03-04 at 13:02 By Eduard Kovacs Exploitation has been known for months or years for most of the latest vulnerabilities added by CISA to its KEV catalog. The post Exploitation Long Known for Most of CISA’s Latest KEV Additions appeared first on SecurityWeek. This article

Exploitation Long Known for Most of CISA’s Latest KEV Additions Read More »

Vulnerable Paragon Driver Exploited in Ransomware Attacks

Vulnerable Paragon Driver Exploited in Ransomware Attacks 2025-03-03 at 14:04 By Ionut Arghire Ransomware operators exploit a vulnerable Paragon driver in BYOVD attacks to elevate privileges to System. The post Vulnerable Paragon Driver Exploited in Ransomware Attacks appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source

Vulnerable Paragon Driver Exploited in Ransomware Attacks Read More »

Amnesty Reveals Cellebrite Zero-Day Android Exploit on Serbian Student Activist

Amnesty Reveals Cellebrite Zero-Day Android Exploit on Serbian Student Activist 2025-02-28 at 23:02 By Ryan Naraine Amnesty International publishes technical details on zero-day vulnerabilities exploited by Cellebrite’s mobile forensic tools to spy on a Serbian student activist. The post Amnesty Reveals Cellebrite Zero-Day Android Exploit on Serbian Student Activist appeared first on SecurityWeek. This article

Amnesty Reveals Cellebrite Zero-Day Android Exploit on Serbian Student Activist Read More »

Trustwave SpiderLabs Insights: Cyberattack Methods Targeting Manufacturing

Trustwave SpiderLabs Insights: Cyberattack Methods Targeting Manufacturing 2025-02-28 at 16:12 By When it comes to choosing a manufacturer to target for attack, threat groups have a healthy list of tools from which to choose. All of which are made more powerful due to this industry’s complex cybersecurity posture, driven by the increasing integration of IT/OT

Trustwave SpiderLabs Insights: Cyberattack Methods Targeting Manufacturing Read More »

Bridging the Gap: Why IT and OT Convergence is Reshaping Manufacturing

Bridging the Gap: Why IT and OT Convergence is Reshaping Manufacturing 2025-02-27 at 16:02 By The line between Information Technology (IT) and Operational Technology (OT) has been blurring for years and what once were two distinct realms — IT managing data and networks, and OT controlling physical processes on the production floor — are now

Bridging the Gap: Why IT and OT Convergence is Reshaping Manufacturing Read More »

Sites of Major Orgs Abused in Spam Campaign Exploiting Virtual Tour Software Flaw

Sites of Major Orgs Abused in Spam Campaign Exploiting Virtual Tour Software Flaw 2025-02-27 at 15:22 By Eduard Kovacs The websites of dozens of major private and government organizations have been abused in a massive spam campaign that involves exploitation of a vulnerability affecting widely used virtual tour software. The attacks were observed recently by

Sites of Major Orgs Abused in Spam Campaign Exploiting Virtual Tour Software Flaw Read More »

Cisco Patches Vulnerabilities in Nexus Switches

Cisco Patches Vulnerabilities in Nexus Switches 2025-02-27 at 14:03 By Eduard Kovacs Cisco has patched command injection and DoS vulnerabilities affecting some of its Nexus switches, including a high-severity flaw. The post Cisco Patches Vulnerabilities in Nexus Switches appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source

Cisco Patches Vulnerabilities in Nexus Switches Read More »

2025 Trustwave Risk Radar: Top Cyber Threats Facing Manufacturing

2025 Trustwave Risk Radar: Top Cyber Threats Facing Manufacturing 2025-02-26 at 16:06 By 2025 Trustwave Risk Radar Report Unveils Top Cyber Threats to Manufacturing: Discover the key cybersecurity challenges facing the manufacturing sector in 2025, including ransomware, phishing, and vulnerabilities in legacy systems and connected devices. Manufacturing Cybersecurity: IT/OT Convergence and Breach Methods Exposed: Explore two in-depth

2025 Trustwave Risk Radar: Top Cyber Threats Facing Manufacturing Read More »

2025 Trustwave Risk Radar Report: Top Cyber Threats Targeting the Manufacturing Sector

2025 Trustwave Risk Radar Report: Top Cyber Threats Targeting the Manufacturing Sector 2025-02-26 at 16:06 By 2025 Trustwave Risk Radar Report Unveils Top Cyber Threats to Manufacturing: Discover the key cybersecurity challenges facing the manufacturing sector in 2025, including ransomware, phishing, and vulnerabilities in legacy systems and connected devices. Manufacturing Cybersecurity: IT/OT Convergence and Breach Methods

2025 Trustwave Risk Radar Report: Top Cyber Threats Targeting the Manufacturing Sector Read More »

Scroll to Top