SecurityWeek Briefing.

"Open AI offering $100K bounties for critical vulnerabilities."

Views expressed in this cybersecurity, cyber crime update are those of the reporters and correspondents.  Accessed on 26 March 2025, 2254 UTC.

Conent and Source:  Email subscription from https://feedly.com.

 https://feedly.com/i/subscription/feed%2Fhttp%3A%2F%2Ffeeds.feedburner.com%2FSecurityweek

Please check link or scroll down to read your selections.  Thanks for joining us today.

Russ Roberts (https://www.hawaiicybersecurityjournal.net).

SecurityWeek

85K followers48 articles per week

#security#tech

58

Today

OpenAI Offering $100K Bounties for Critical Vulnerabilities

by Ryan Naraine / 3h

OpenAI has raised its maximum bug bounty payout to $100,000 (up from $20,000) for high-impact flaws in its infrastructure and products. The post appeared first on SecurityWeek .

Russian Ransomware Gang Exploited Windows Zero-Day Before Patch

6 TTPs

•

by Ryan Naraine / 6h

•

CVE-2025-26633

Exploitation of Windows MMC zero-day is being pinned on a ransomware gang known as EncryptHub (an affiliate of RansomHub) The post appeared first on SecurityWeek .

AMTSO Releases Sandbox Evaluation Framework

by Eduard Kovacs / 7h

AMTSO has developed a Sandbox Evaluation Framework to standardize the testing of malware analysis solutions. The post appeared first on SecurityWeek .

Island Banks $250M Series E for Enterprise Browser

Island raises 250M at 4.8B valuation

•

by Ryan Naraine / 7h

The late-stage startup said the round was led Coatue Management and brings Island’s total external funding to approximately $730 million. The post appeared first on SecurityWeek .

New Ransomware Group Claims Attack on US Telecom Firm WideOpenWest

2 TTPs

•

by Ionut Arghire / 10h

•

Arkana ransomware targets WideOpenWest

A new ransomware group called Arkana claims to have compromised the US telecommunications provider WideOpenWest. The post appeared first on SecurityWeek .

SplxAI Raises $7 Million for AI Security Platform

by Ionut Arghire / 10h

SplxAI has raised $7 million in a seed funding round led by LAUNCHub Ventures to secure agentic AI systems. The post appeared first on SecurityWeek .

Vulnerabilities Allow Remote Hacking of Inaba Plant Monitoring Cameras

2 TTPs

•

by Eduard Kovacs / 10h

Production line monitoring cameras made by Inaba can be hacked for surveillance and sabotage, but they remain unpatched. The post appeared first on SecurityWeek .

macOS Users Warned of New Versions of ReaderUpdate Malware

IoC > 1 domain

•

by Ionut Arghire / 11h

•

5 TTPs

macOS users are targeted with multiple versions of the ReaderUpdate malware written in Crystal, Nim, Rust, and Go programming languages. The post appeared first on SecurityWeek .

Critical Next.js Vulnerability in Hacker Crosshairs

3 TTPs

•

by Ionut Arghire / 12h

•

CVE-2025-29927

Threat actors have started probing servers impacted by a critical-severity vulnerability in the web application development framework Next.js. The post appeared first on SecurityWeek .

Security Firms Say Evidence Seems to Confirm Oracle Cloud Hack

by Eduard Kovacs / 12h

Despite Oracle categorically denying that its Cloud systems have been breached, sample data released by the hacker seems to prove otherwise. The post appeared first on SecurityWeek .

Yesterday

Google Patches Chrome Sandbox Escape Zero-Day Caught by Kaspersky

6 TTPs

•

by Ryan Naraine / 1d

•

CVE-2025-2783

The vulnerability, tracked as CVE-2025-2783, was chained with a second exploit for remote code execution in attacks targeting organizations in Russia. The post appeared first on SecurityWeek .

Vulnerability Exploitation Possibly Behind Widespread DrayTek Router Reboots

2 TTPs

•

by Eduard Kovacs / 1d

DrayTek routers around the world are rebooting and the vendor’s statement suggests that it may involve the exploitation of a vulnerability. The post appeared first on SecurityWeek .

VMware Patches Authentication Bypass Flaw in Windows Tools Suite

CVE-2025-22230 & 1 other

•

by SecurityWeek News / 1d

The authentication bypass vulnerability, tagged as CVE-2025-22230, carries a CVSS severity score of 7.8/10. The post appeared first on SecurityWeek .

Microsoft Adds AI Agents to Security Copilot

Microsoft enhances Security Copilot agents

•

by Ionut Arghire / 1d

Microsoft has expanded the capabilities of Security Copilot with AI agents tackling data security, phishing, and identity management. The post appeared first on SecurityWeek .

Charm Security Emerges From Stealth With $8 Million in Funding

Charm Security raises 8M$ for fraud

•

by Ionut Arghire / 1d

Charm Security has emerged from stealth mode with $8 million in funding for AI-powered scams and social engineering prevention. The post appeared first on SecurityWeek .

Numotion Data Breach Impacts Nearly 500,000 People

5 TTPs

•

by Eduard Kovacs / 1d

Email-related data breach suffered by wheelchair and other mobility equipment provider Numotion affects almost 500,000 individuals. The post appeared first on SecurityWeek .

Chinese APT Weaver Ant Targeting Telecom Providers in Asia

18 TTPs

•

by Ionut Arghire / 1d

•

Weaver Ant targets telecoms for espionage

Weaver Ant, a cyberespionage-focused APT operating out of China, is targeting telecom providers for persistent access. The post appeared first on SecurityWeek .

Ransomware Shifts Tactics as Payouts Drop: Critical Infrastructure in the Crosshairs

10 TTPs

•

by Kevin Townsend / 1d

•

Ransomware attacks surge despite payments

Threats themselves change very little, but the tactics used are continually revised to maximize the criminals’ return on investment and effort. The post appeared first on SecurityWeek .

Hacker Conversations: Frank Trezza – From Phreaker to Pentester

by Kevin Townsend / 1d

Frank Trezza is fairly typical of most hackers. Early pranks sometimes leading to something more serious. The post appeared first on SecurityWeek .

300 Arrested in Crackdown on Cybercrime Rings in Africa

Operation Red Card arrests 306 suspects

•

by Ionut Arghire / 1d

Authorities in seven African countries arrested 300 suspects in an international crackdown on cybercriminal networks targeting businesses. The post appeared first on SecurityWeek .

IngressNightmare Flaws Expose Kubernetes Clusters to Remote Hacking

Execution (Enterprise TA0002)

•

by Eduard Kovacs / 1d

•

Kubernetes Ingress vulnerabilities expose clusters

Critical remote code execution vulnerabilities found by Wiz researchers in Ingress NGINX Controller for Kubernetes. The post appeared first on SecurityWeek .

Mar 24, 2025

NIST Still Struggling to Clear Vulnerability Submissions Backlog in NVD

by Ryan Naraine / 2d

The effects of the backlog are already being felt in vulnerability management circles where NVD data promises an enriched source of truth. The post appeared first on SecurityWeek .

Oracle Denies Cloud Breach After Hacker Offers to Sell Data

2 TTPs

•

by Eduard Kovacs / 2d

Oracle has denied that Cloud systems have been breached after a hacker claimed to have stolen millions of records. The post appeared first on SecurityWeek .

Russian Firm Offers $4 Million for Telegram Exploits

Russian firm offers $4M Telegram exploits

•

by Ionut Arghire / 2d

A Russian exploit acquisition firm is offering up to $4 million for a full-chain exploit targeting messaging service Telegram. The post appeared first on SecurityWeek .

Webinar Today: Which Security Testing Approach is Right for You?

by SecurityWeek News / 2d

Which Security Testing Approach is Right for You: BAS, Automated Penetration Testing, or Both? The post appeared first on SecurityWeek .

US Lifts Sanctions Against Crypto Mixer Tornado Cash

Coinbase criticizes Treasury over Tornado Cash

•

by Ionut Arghire / 2d

The US Department of the Treasury has removed sanctions against the fully decentralized cryptocurrency mixer service Tornado Cash. The post appeared first on SecurityWeek .

Despite Rip-and-Replace Efforts, FCC Suspects Banned Chinese Telecom Providers Still Active in US

US investigates Chinese telecom firms

•

by Eduard Kovacs / 2d

The FCC is investigating whether Chinese firms such as Huawei, ZTE and China Telecom are still operating in the US. The post appeared first on SecurityWeek .

Medusa Ransomware Uses Malicious Driver to Disable Security Tools

8 TTPs

•

by Ionut Arghire / 2d

•

ABYSSWORKER driver disrupts EDR systems

The Medusa ransomware relies on a malicious Windows driver to disable the security tools running on the infected systems. The post appeared first on SecurityWeek .

Encrypted Messaging Apps Promise Privacy. Government Transparency Is Often the Price

Government agencies misuse messaging apps

•

by Associated Press / 2d

Public officials and private citizens are consistently warned about hacking and data leaks, but technologies designed to increase privacy often decrease government transparency. The post appeared first on SecurityWeek .

NetSfere Launches Quantum-Resilient Messaging Platform for Enterprise and Government Use

by Kevin Townsend / 2d

NetSfere Integrates ML-KEM and AES into its text, voice and video messaging platform to meet 2027 NSA Quantum Security mandates. The post appeared first on SecurityWeek .

Albabat Ransomware Expands Targets, Abuses GitHub

10 TTPs

•

by Ionut Arghire / 2d

•

Albabat ransomware targets multiple OS

New versions of the Albabat ransomware target Windows, Linux, and macOS, and retrieve configuration files from GitHub. The post appeared first on SecurityWeek .

Mar 21, 2025

Ransomware Group Claims Attack on Virginia Attorney General’s Office

3 TTPs

•

by Ionut Arghire / 5d

•

Cloak ransomware attacks Virginia Attorney General

The Cloak ransomware group has claimed responsibility for a February cyberattack on Virginia Attorney General’s Office. The post appeared first on SecurityWeek .

New Jailbreak Technique Uses Fictional World to Manipulate AI

New LLM jailbreak enables malware creation

•

by Ionut Arghire / 5d

Cato Networks discovers a new LLM jailbreak technique that relies on creating a fictional world to bypass a model’s security controls. The post appeared first on SecurityWeek .

Chinese I-Soon Hackers Hit 7 Organizations in Operation FishMedley

7 TTPs

•

by Ionut Arghire / 5d

•

China's FishMonger APT targets global entities

The FishMonger APT group, a subdivision of Chinese cybersecurity firm I-Soon, compromised seven organizations in a 2022 campaign. The post appeared first on SecurityWeek .

Industry Reactions to Google Buying Wiz: Feedback Friday

Google acquires Wiz for $32B

•

by Eduard Kovacs / 5d

Industry professionals comment on Google acquiring cloud security giant Wiz for $32 billion in cash. The post appeared first on SecurityWeek .

Ransomware Group Claims Attacks on Ascom, Jaguar Land Rover

3 TTPs

•

by Ionut Arghire / 5d

•

Ascom Holding AG hit by ransomware

The Hellcat ransomware group claims to have stolen tens of gigabytes of data from Ascom and Jaguar Land Rover. The post appeared first on SecurityWeek .

Former NFL, Michigan Assistant Coach Matt Weiss Charged With Hacking for Athletes’ Intimate Photos

Coach charged with hacking athletes' accounts

•

by Associated Press / 5d

Former NFL and University of Michigan assistant football coach Matt Weiss hacked into the computer accounts of thousands of college athletes seeking intimate photos and videos. The post appeared first on SecurityWeek .

Impact, Root Cause of GitHub Actions Supply Chain Hack Revealed

6 TTPs

•

by Eduard Kovacs / 5d

•

CVE-2025-30066

More details have come to light on the recent supply chain attack targeting GitHub Actions, including its root cause. The post appeared first on SecurityWeek .

Mar 20, 2025

Browser Security Under Siege: The Alarming Rise of AI-Powered Phishing

Browser-based phishing attacks surge 140%

•

by Kevin Townsend / 6d

Analysis reveals a 140% increase in browser phishing, including a 130% increase in zero-hour phishing attacks. The post appeared first on SecurityWeek .

Dataminr Raises $85 Million for AI-Powered Information Platform

Dataminr secures 85M funding

•

by Ionut Arghire / 6d

Real-time event and risk detection firm Dataminr has raised $85 million from NightDragon and HSBC to accelerate AI development. The post appeared first on SecurityWeek .

CISA Warns of Exploited Nakivo Vulnerability

3 TTPs

•

by Ionut Arghire / 6d

CISA has added an absolute path traversal bug in Nakivo Backup and Replication to its Known Exploited Vulnerabilities list. The post appeared first on SecurityWeek .

Through the Lens of Music: What Cybersecurity Can Learn From Joni Mitchell

by Joshua Goldfarb / 6d

A Joni Mitchell song from the 1960s can teach us a lot about securing hybrid and multi-cloud environments. The post appeared first on SecurityWeek .

Veeam Patches Critical Vulnerability in Backup & Replication

2 TTPs

•

by Ionut Arghire / 6d

•

CVE-2025-23120

Veeam has released patches for a critical-severity remote code execution vulnerability in Backup & Replication. The post appeared first on SecurityWeek .

500,000 Impacted by Pennsylvania Teachers Union Data Breach

4 TTPs

•

by Ionut Arghire / 6d

•

Pennsylvania State Education Association data

Pennsylvania State Education Association says the personal information of over 500,000 individuals was stolen in a data breach. The post appeared first on SecurityWeek .

Hackers Target Cisco Smart Licensing Utility Vulnerabilities

2 TTPs

•

by Eduard Kovacs / 6d

SANS is seeing attempts to exploit two critical Cisco Smart Licensing Utility vulnerabilities tracked as CVE-2024-20439 and CVE-2024-20440. The post appeared first on SecurityWeek .

Amazon Ends Little-Used Privacy Feature That Let Echo Users Opt Out of Sending Recordings to Company

Amazon disables local voice processing

•

by Associated Press / 6d

Amazon is ending a little-used privacy feature that let some users of its Echo smart speaker prevent their voice commands from going to the company’s cloud. The post appeared first on SecurityWeek .

300 Malicious ‘Vapor’ Apps Hosted on Google Play Had 60 Million Downloads

7 TTPs

•

by Ionut Arghire / 6d

•

Over 300 malicious apps discovered

Over 300 malicious applications displaying intrusive full-screen interstitial video ads amassed more than 60 million downloads on Google Play. The post appeared first on SecurityWeek .

Paragon Spyware Attacks Exploited WhatsApp Zero-Day

WhatsApp patches zero-click vulnerability

•

by Eduard Kovacs / 6d

Attacks involving Paragon’s Graphite spyware involved a WhatsApp zero-day that could be exploited without any user interaction. The post appeared first on SecurityWeek .