SecurityWeek Briefing.

"Apple improving malware detection, cybersecurity funding, cyber command chief fired."

 Views expressed in this cybersecurity, cyber crime update are those of the reporters an correspondents.  Accessed on 04 April 2025, 1544 UTC.

Content and Source:  Email subscription via https://feedly.com.

https://feedly.com/i/subscription/feed%2Fhttp%3A%2F%2Ffeeds.feedburner.com%2FSecurityweek

Please check link or scroll down to read your selections.  Thanks for joining us today.

Russ Roberts (https://www.hawaiicybersecurityjournal.net).

SecurityWeek

86K followers50 articles per week

#security#tech

42

Today

In Other News: Apple Improving Malware Detection, Cybersecurity Funding, Cyber Command Chief Fired

6 TTPs

•

by SecurityWeek News / 1h

Noteworthy stories that might have slipped under the radar: Apple adding TCC events to Endpoint Security, cybersecurity funding report for Q1 2025, Trump fires the head of NSA and Cyber Command. The post appeared first on SecurityWeek .

State Bar of Texas Says Personal Information Stolen in Ransomware Attack

3 TTPs

•

by Ionut Arghire / 2h

•

Texas Bar data breach by ransomware

The State Bar of Texas is notifying thousands of individuals that their personal information was stolen in a February ransomware attack. The post appeared first on SecurityWeek .

US, Allies Warn of Threat Actors Using ‘Fast Flux’ to Hide Server Locations

4 TTPs

•

by Ionut Arghire / 3h

•

Fast flux poses national security threat

US and allied countries warn of threat actors using the “fast flux” technique to change DNS records and hide malicious servers’ locations. The post appeared first on SecurityWeek .

Oracle Confirms Cloud Hack

7 TTPs

•

by Eduard Kovacs / 5h

•

Oracle faces criticism over security incidents

Oracle has confirmed suffering a data breach but the tech giant is apparently trying to downplay the impact of the incident. The post appeared first on SecurityWeek .

Critical Apache Parquet Vulnerability Leads to Remote Code Execution

2 TTPs

•

by Ionut Arghire / 5h

•

CVE-2025-30065

A critical vulnerability in Apache Parquet can be exploited to execute arbitrary code remotely, leading to complete system compromise. The post appeared first on SecurityWeek .

Yesterday

Compromised SpotBugs Token Led to GitHub Actions Supply Chain Hack

3 TTPs

•

by Ionut Arghire / 5h

•

GitHub supply chain attack traced

Evidence shows a SpotBugs token compromised in December 2024 was used in the March 2025 GitHub Actions supply chain attack. The post appeared first on SecurityWeek .

Chinese APT Pounces on Misdiagnosed RCE in Ivanti VPN Appliances

2 TTPs

•

by Ryan Naraine / 22h

•

CVE-2025-22457

Ivanti misdiagnoses a remote code execution vulnerability and Mandiant reports that Chinese hackers are launching in-the-wild exploits. The post appeared first on SecurityWeek .

Halo ITSM Vulnerability Exposed Organizations to Remote Hacking

2 TTPs

•

by Eduard Kovacs / 23h

An unauthenticated SQL injection vulnerability in Halo ITSM could have been exploited to read, modify, or insert data. The post appeared first on SecurityWeek .

Hunters International Ransomware Gang Rebranding, Shifting Focus

9 TTPs

•

by Ionut Arghire / 1d

•

Hunters International shifts from ransomware

The notorious cybercrime group Hunters International is dropping ransomware to focus on data theft and extortion. The post appeared first on SecurityWeek .

Cybersecurity M&A Roundup: 23 Deals Announced in March 2025

by Eduard Kovacs / 1d

Less than two dozen cybersecurity merger and acquisition (M&A) deals were announced in March 2025. The post appeared first on SecurityWeek .

39 Million Secrets Leaked on GitHub in 2024

Secrets management critical for security

•

by Ionut Arghire / 1d

GitHub has announced new capabilities to help organizations and developers keep secrets in their code protected. The post appeared first on SecurityWeek .

Two CVEs, One Critical Flaw: Inside the CrushFTP Vulnerability Controversy

CVE-2025-31161

•

by Eduard Kovacs / 1d

Two CVEs now exist for an actively exploited CrushFTP vulnerability and much of the security industry is using the ‘wrong one’. The post appeared first on SecurityWeek .

Vulnerabilities Expose Cisco Meraki and ECE Products to DoS Attacks

3 TTPs

•

by Ionut Arghire / 1d

Cisco fixes two high-severity denial-of-service vulnerabilities in Meraki devices and Enterprise Chat and Email. The post appeared first on SecurityWeek .

Apr 2, 2025

Google Released Second Fix for Quick Share Flaws After Patch Bypass

Adversary-in-the-Middle (Enterprise T1557)

•

by Ionut Arghire / 1d

Google’s patches for Quick Share for Windows vulnerabilities leading to remote code execution were incomplete and could be easily bypassed. The post appeared first on SecurityWeek .

Serial Entrepreneurs Raise $43M to Counter AI Deepfakes, Social Engineering

Adaptive Security raises 43M$ funding

•

by Ryan Naraine / 1d

Adaptive is pitching a security platform designed to replicate real-world attack scenarios through AI-generated deepfake simulations. The post appeared first on SecurityWeek .

Vulnerabilities Expose Jan AI Systems to Remote Manipulation

3 TTPs

•

by Ionut Arghire / 1d

Vulnerabilities in open source ChatGPT alternative Jan AI expose systems to remote, unauthenticated manipulation. The post appeared first on SecurityWeek .

Cyberhaven Banks $100 Million in Series D, Valuation Hits $1 Billion

Cyberhaven raises 100M Series D

•

by Ryan Naraine / 2d

Cyberhaven bags $100 million in funding at a billion-dollar valuation, a sign that investors remain bullish on data security startups. The post appeared first on SecurityWeek .

AI Giving Rise of the ‘Zero-Knowledge’ Threat Actor

by Etay Maor / 2d

The rise of zero-knowledge threat actors powered by AI marks a turning point in the business of cybercrime where sophisticated attacks are no longer confined to skilled attackers. The post appeared first on SecurityWeek .

Google DeepMind Unveils Framework to Exploit AI’s Cyber Weaknesses

by Kevin Townsend / 2d

DeepMind found that current AI frameworks are ad hoc, not systematic, and fail to provide defenders with useful insights. The post appeared first on SecurityWeek .

North Korea’s IT Operatives Are Exploiting Remote Work Globally

North Korean IT workers expand operations

•

by Kevin Townsend / 2d

The global rise of North Korean IT worker infiltration poses a serious cybersecurity risk—using fake identities, remote access, and extortion to compromise organizations. The post appeared first on SecurityWeek .

ImageRunner Flaw Exposed Sensitive Information in Google Cloud

3 TTPs

•

by Eduard Kovacs / 2d

Google has patched a Cloud Run vulnerability dubbed ImageRunner that could have been exploited to gain access to sensitive data. The post appeared first on SecurityWeek .

Lazarus Uses ClickFix Tactics in Fake Cryptocurrency Job Attacks

8 TTPs

•

by Eduard Kovacs / 2d

•

Lazarus group targets crypto job seekers

North Korea’s Lazarus hackers are using the ClickFix technique for malware deployment in fresh attacks targeting the cryptocurrency ecosystem. The post appeared first on SecurityWeek .

Questions Remain Over Attacks Causing DrayTek Router Reboots

2 TTPs

•

by Eduard Kovacs / 2d

DrayTek has shared some clarifications regarding the recent attacks causing router reboots, but some questions remain unanswered. The post appeared first on SecurityWeek .

Google Brings End-to-End Encrypted Emails to All Enterprise Gmail Users

Gmail introduces end-to-end encryption

•

by Ionut Arghire / 2d

Gmail now allows enterprise users to send end-to-end encrypted emails to colleagues, and will soon allow sending to any inbox. The post appeared first on SecurityWeek .

Apr 1, 2025

Chrome 135, Firefox 137 Patch High-Severity Vulnerabilities

2 TTPs

•

by Ionut Arghire / 2d

Chrome 135 and Firefox 137 were released on Tuesday with fixes for several high-severity memory safety vulnerabilities. The post appeared first on SecurityWeek .

Microsoft Using AI to Uncover Critical Bootloader Vulnerabilities

Execution (Enterprise TA0002)

•

by Ryan Naraine / 2d

Using the Security Copilot tool, Microsoft discovered 20 critical vulnerabilities in widely deployed open-source bootloaders. The post appeared first on SecurityWeek .

Hackers Could Unleash Chaos Through Backdoor in China-Made Robot Dogs

Backdoor found in Unitree robot

•

by Ryan Naraine / 2d

An undocumented remote access backdoor in the Unitree Go1 Robot Dog allows remote control over the tunnel network and use of the vision cameras to see through their eyes. The post appeared first on SecurityWeek .

Hackers Looking for Vulnerable Palo Alto Networks GlobalProtect Portals

24,000 IPs target Palo Alto GlobalProtect

•

by Ionut Arghire / 3d

GreyNoise warns of a coordinated effort probing the internet for potentially vulnerable Palo Alto Networks GlobalProtect instances. The post appeared first on SecurityWeek .

Security Operations Firm ReliaQuest Raises $500M at $3.4B Valuation

ReliaQuest raises over 500M$

•

by Eduard Kovacs / 3d

ReliaQuest has announced a new growth funding round that brings the total raised by the firm to over $830 million. The post appeared first on SecurityWeek .

Ransomware Group Takes Credit for National Presto Industries Attack

3 TTPs

•

by Ionut Arghire / 3d

•

National Defense Corporation ransomware attack

A ransomware group has claimed responsibility for a March cyberattack on National Presto Industries subsidiary National Defense Corporation. The post appeared first on SecurityWeek .

Critical Vulnerability Found in Canon Printer Drivers

by Eduard Kovacs / 3d

Microsoft’s offensive security team warned Canon about a critical code execution vulnerability in printer drivers. The post appeared first on SecurityWeek .

CrushFTP Blames Security Firms for Fast Exploitation of Vulnerability

by Eduard Kovacs / 3d

Shadowserver has started seeing exploitation attempts aimed at a CrushFTP vulnerability tracked as CVE-2025-2825 and CVE-2025-31161. The post appeared first on SecurityWeek .

Check Point Responds to Hacking Claims

2 TTPs

•

by Ionut Arghire / 3d

•

Check Point breach claims disputed

Check Point has responded to a hacker’s claims of sensitive data theft, confirming an incident but saying that it had limited impact. The post appeared first on SecurityWeek .

Apple Patches Recent Zero-Days in Older iPhones

2 TTPs

•

by Ionut Arghire / 3d

Apple has released a hefty round of security updates for its desktop and mobile products, patching two recent zero-days in older iPhone models. The post appeared first on SecurityWeek .

France’s Antitrust Watchdog Fines Apple for Problems With App Tracking Transparency

Apple fined 150 million euros

•

by Associated Press / 3d

France’s antitrust watchdog fined Apple 150 million euros ($162 million) over a privacy feature protecting users from apps snooping on them. The post appeared first on SecurityWeek .

Mar 31, 2025

Threat Actors Deploy WordPress Malware in ‘mu-plugins’ Directory

6 TTPs

•

by Ionut Arghire / 4d

•

Malware targets WordPress mu-plugins directory

Sucuri has discovered multiple malware families deployed in the WordPress mu-plugins directory to evade routine security checks. The post appeared first on SecurityWeek .

Zero to Hero – A “Measured” Approach to Building a World-Class Offensive Security Program

by Trevin Edgeworth / 4d

A strong security program will sometimes require substantial organizational and cultural changes around security practices, and inevitably, a higher cost. The post appeared first on SecurityWeek .

Hacker Leaks Samsung Customer Data

3 TTPs

•

by Ionut Arghire / 4d

•

Samsung data leak exposes 270000 tickets

Hacker leaks 270,000 customer tickets allegedly stolen from Samsung Germany using long-compromised credentials. The post appeared first on SecurityWeek .

Part of EU’s New €1.3 Billion Investment Going to Cybersecurity

EU invests 1.3 billion euros

•

by Eduard Kovacs / 4d

The European Commission plans on investing €1.3 billion ($1.4 billion) in cybersecurity, artificial intelligence and digital skills. The post appeared first on SecurityWeek .

‘Crocodilus’ Android Banking Trojan Allows Device Takeover, Data Theft

Input Capture (Mobile T1417)

•

by Ionut Arghire / 4d

•

Crocodilus malware targets Android devices

The newly identified Android banking trojan Crocodilus takes over devices, enabling overlay attacks, remote control, and keylogging. The post appeared first on SecurityWeek .

CISA Analyzes Malware Used in Ivanti Zero-Day Attacks

12 TTPs

•

by Ionut Arghire / 4d

CISA has published its analysis of Resurge, a SpawnChimera malware variant used in attacks targeting a recent Ivanti Connect Secure zero-day. The post appeared first on SecurityWeek .

170,000 Impacted by Data Breach at Chord Specialty Dental Partners

2 TTPs

•

by Eduard Kovacs / 4d

An email security incident at Chord Specialty Dental Partners, a US dental service organization, has impacted more than 170,000 people. The post appeared first on SecurityWeek .

End of feed