SecurityWeek

Notepad++ Patches Updater Flaw After Reports of Traffic Hijacking

Recent Notepad++ releases address a vulnerability that has allowed threat actors to hijack the free source code editor’s ...
SecurityWeek

MITRE Releases 2025 List of Top 25 Most Dangerous Software Vulnerabilities

MITRE has released the 2025 CWE Top 25 most dangerous software vulnerabilities list, which includes three new buffer overflow ...
SecurityWeek

Former Accenture Employee Charged Over Cybersecurity Fraud

Ex Accenture employee Danielle Hillmer indicted over lying about the implemented security controls in the contractor’s cloud ...
SecurityWeek

In Other News: PromptPwnd Attack, macOS Bounty Complaints, Chinese Hackers Trained in Cisco Academy

Pentagon orders accelerated move to PQC, US shuts down scheme to smuggle GPUs to China, DroidLock Android ransomware.
SecurityWeek

Pierce County Library Data Breach Impacts 340,000

Pierce County Library has disclosed a data breach impacting the personal information of 340,000 patrons and employees.
SecurityWeek

Fieldtex Data Breach Impacts 238,000

The healthcare data breach tracker maintained by the US Department of Health and Human Services revealed this week that the ...
SecurityWeek

Google Patches Mysterious Chrome Zero-Day Exploited in the Wild

Google has released a Chrome security update to patch a mysterious zero-day vulnerability that is actively exploited in the ...
SecurityWeek

MITRE Posts Results of 2025 ATT&CK Enterprise Evaluations

MITRE has published the results of the 2025 ATT&CK Evaluations for enterprise cybersecurity solutions and some firms boasted.
SecurityWeek

Ivanti EPM Update Patches Critical Remote Code Execution Flaw

A critical Ivanti EPM vulnerability could allow unauthenticated attackers to execute arbitrary code remotely with ...
SecurityWeek

SAP Patches Critical Vulnerabilities With December 2025 Security Updates

SAP released 14 new security notes, including 3 addressing critical vulnerabilities in Solution Manager, Commerce Cloud, and ...
SecurityWeek

US Indicts Extradited Ukrainian on Charges of Aiding Russian Hacking Groups

US charges Ukrainian national Victoria Dubranova for supporting CARR and NoName, two Russia-backed hacktivist groups.
SecurityWeek

Gladinet CentreStack Flaw Exploited to Hack Organizations

Threat actors have exploited a vulnerability in Gladinet CentreStack to retrieve cryptographic keys and compromise nine ...