🏳️Cybersecurity News, Insights and Analysis | SecurityWeek

Website faviconsecurityweek.com

SecurityWeek provides cybersecurity news and information to global enterprises, with expert insights & analysis for IT security professionals

### SECURITYWEEK NETWORK:

*   [Cybersecurity News](https://www.securityweek.com "Cybersecurity news and information")

*   [Webcasts](https://gateway.on24.com/wcc/eh/1220486/securityweek-webcast-library "SecurityWeek cybersecurity webcast library on demand")

*   [Virtual Events](https://www.securitysummits.com/ "Virtual Cybersecurity Events")

### ICS:

*   [ICS Cybersecurity Conference](https://www.icscybersecurityconference.com/)

[](https://www.securityweek.com/)

Connect with us

*   [](https://www.facebook.com/SecurityWeekCom-366251913615/)

*   [](https://twitter.com/securityweek)

*   [](https://www.linkedin.com/company/securityweek/)

Hi, what are you looking for?

[](https://ads.securityweek.com/redirect.spark?MID=179018&plid=2803232&setID=593293&channelID=0&CID=1048179&banID=522788107&PID=0&textadID=0&tc=1&rnd=8068195&scheduleID=2738870&adSize=970x250&mt=1741435160698079&sw=1920&sh=1080&spr=1&referrer=https%3A%2F%2Fwww.securityweek.com%2F&hc=de446727e139b5da25ac218b8047a3f94cb29c34&location=)

#### Latest Cybersecurity News

[

US Seize Garantex in Cryptocurrency Money Laundering Bust

---------------------------------------------------------

](https://www.securityweek.com/us-seize-garantex-in-cryptocurrency-money-laundering-bust/)

Two men linked to Garantex are accused of facilitating multi-billion dollar money laundering and sanctions violations.

[

In Other News: EntrySign AMD Flaw, Massive Attack Targets ISPs, ENISA Report

----------------------------------------------------------------------------

](https://www.securityweek.com/in-other-news-entrysign-amd-flaw-massive-attack-targets-isps-enisa-report/)

Noteworthy stories that might have slipped under the radar: Google discloses AMD CPU flaw named EntrySign, ISPs in the US and China targeted in massive attack, ENISA report on NIS2 Directive.

[

Edimax Camera Zero-Day Disclosed by CISA Exploited by Botnets

-------------------------------------------------------------

](https://www.securityweek.com/edimax-camera-zero-day-disclosed-by-cisa-exploited-by-botnets/)

Multiple Mirai-based botnets are exploiting CVE-2025-1316, an Edimax IP camera vulnerability that allows remote command execution.

[FBI: Fake Ransomware Attack Claims Sent to US Executives via Snail Mail 

------------------------------------------------------------------------](https://www.securityweek.com/fbi-fake-ransomware-attack-claims-sent-to-us-executives-via-snail-mail/) 

An extortion group has been sending physical mail to corporate executives, threatening to leak their data unless a ransom is paid.

[Microsoft Says One Million Devices Impacted by Infostealer Campaign 

--------------------------------------------------------------------](https://www.securityweek.com/microsoft-says-one-million-devices-impacted-by-infostealer-campaign/) 

Microsoft has uncovered a malvertising campaign that redirected users to information stealers hosted on GitHub.

[

Cyberattack Disrupts National Presto Industries Operations

----------------------------------------------------------

](https://www.securityweek.com/cyberattack-disrupts-national-presto-industries-operations/)

National Presto Industries says a cyberattack has resulted in a system outage and operational disruptions.

[

18,000 Organizations Impacted by NTT Com Data Breach

----------------------------------------------------

](https://www.securityweek.com/18000-organizations-impacted-by-ntt-com-data-breach/)

NTT Communications Corporation has disclosed a data breach impacting the information of nearly 18,000 customer organizations.

[

Many Schools Report Data Breach After Retirement Services Firm Hit by Ransomware

--------------------------------------------------------------------------------

](https://www.securityweek.com/many-schools-report-data-breach-after-retirement-services-firm-hit-by-ransomware/)

Dozens of schools and thousands of individuals are impacted by a data breach resulting from a ransomware attack on Carruth Compliance Consulting.

[

New AI Protection from Google Cloud Tackles AI Risks, Threats, and Compliance

-----------------------------------------------------------------------------

](https://www.securityweek.com/new-ai-protection-from-google-cloud-tackles-ai-risks-threats-and-compliance/)

Google Cloud’s AI Protection helps discover AI inventory, secure AI assets, and manage threats with detect, investigate, and respond capabilities.

[

Medusa Ransomware Attacks Increase

----------------------------------

](https://www.securityweek.com/medusa-ransomware-attacks-increase/)

The number of Medusa ransomware attacks observed in the first two months of 2025 doubled compared to the same period last year.

[

Armis Acquires Otorio to Expand OT and CPS Security Suite

---------------------------------------------------------

](https://www.securityweek.com/armis-acquires-otorio-to-expand-ot-and-cps-security-suite/)

The transaction is valued in the range of $120 million and gives Armis an on-premises CPS solution

#### People on the Move

Sasha Pailet Koff has been named Managing Director of the Cyber Readiness Institute.

Ken Naumann has been appointed CEO of security data analytics company Devo Technology.

Mobile EDR firm iVerify has appointed Mike Rosen as Chief Information Security Officer.

Identity security firm 1Password has appointed Greg Henry as Chief Financial Officer.

Cyber risk management and threat intelligence firm Outpost24 announced the appointment of Omri Kletter as CPO.

[More People On The Move](/industry-moves)

[

](https://www.securityweek.com/edimax-camera-zero-day-disclosed-by-cisa-exploited-by-botnets/)

[

Edimax Camera Zero-Day Disclosed by CISA Exploited by Botnets

-------------------------------------------------------------

](https://www.securityweek.com/edimax-camera-zero-day-disclosed-by-cisa-exploited-by-botnets/)

Multiple Mirai-based botnets are exploiting CVE-2025-1316, an Edimax IP camera vulnerability that allows remote command execution.

[

](https://www.securityweek.com/exploited-vmware-esxi-flaws-put-many-at-risk-of-ransomware-other-attacks/)

[

Exploited VMware ESXi Flaws Put Many at Risk of Ransomware, Other Attacks

-------------------------------------------------------------------------

](https://www.securityweek.com/exploited-vmware-esxi-flaws-put-many-at-risk-of-ransomware-other-attacks/)

Scans show that tens of thousands of VMware ESXi instances are affected by CVE-2025-22224 and other vulnerabilities disclosed recently as zero-days.

[

](https://www.securityweek.com/china-hackers-behind-us-treasury-breach-caught-targeting-it-supply-chain/)

[

China Hackers Behind US Treasury Breach Caught Targeting IT Supply Chain

------------------------------------------------------------------------

](https://www.securityweek.com/china-hackers-behind-us-treasury-breach-caught-targeting-it-supply-chain/)

Silk Typhoon APT caught using IT supply chain entry points to conduct reconnaissance, siphon data, and move laterally on victim networks.

#### Top Cybersecurity Headlines

[

Ransomware Group Claims Attack on Tata Technologies

---------------------------------------------------

](https://www.securityweek.com/ransomware-group-claims-attack-on-tata-technologies/)

Notorious ransomware group Hunters International threatens to leak 1.4 TB of data allegedly stolen from Tata Technologies.

[

Intel TDX Connect Bridges the CPU-GPU Security Gap

--------------------------------------------------

](https://www.securityweek.com/intel-tdx-connect-bridges-the-cpu-gpu-security-gap/)

AI is all about data – and keeping AI’s data confidential both within devices and between devices is problematic. Intel offers a solution.

[

Broadcom Patches 3 VMware Zero-Days Exploited in the Wild

---------------------------------------------------------

](https://www.securityweek.com/broadcom-patches-3-vmware-zero-days-exploited-in-the-wild/)

Broadcom patched VMware zero-days CVE-2025-22224, CVE-2025-22225 and CVE-2025-22226 after Microsoft warned it of exploitation.

#### SecurityWeek Industry Experts

[

](https://www.securityweek.com/ai-asset-inventories-the-only-way-to-stay-on-top-of-a-lightning-fast-landscape/)

[

AI Asset Inventories: The Only Way to Stay on Top of a Lightning-fast Landscape

-------------------------------------------------------------------------------

](https://www.securityweek.com/ai-asset-inventories-the-only-way-to-stay-on-top-of-a-lightning-fast-landscape/)

Unauthorized AI usage is a ticking time bomb. A tool that wasn’t considered a risk yesterday may introduce new AI-powered features overnight.

[Alastair Paterson](https://www.securityweek.com/contributors/alastair-paterson/ "Posts by Alastair Paterson") [Read more](https://www.securityweek.com/ai-asset-inventories-the-only-way-to-stay-on-top-of-a-lightning-fast-landscape/)

[

](https://www.securityweek.com/the-hidden-cost-of-compliance-when-regulations-weaken-security/)

[

The Hidden Cost of Compliance: When Regulations Weaken Security

---------------------------------------------------------------

](https://www.securityweek.com/the-hidden-cost-of-compliance-when-regulations-weaken-security/)

The current state of regulation and the overwhelming burden it brings to most enterprises is a discussion worth having

[Joshua Goldfarb](https://www.securityweek.com/contributors/joshua-goldfarb/ "Posts by Joshua Goldfarb") [Read more](https://www.securityweek.com/the-hidden-cost-of-compliance-when-regulations-weaken-security/)

[

](https://www.securityweek.com/failure-rinse-repeat-why-do-both-history-and-security-seem-doomed-to-repeat-themselves/)

[Failure, Rinse, Repeat: Why do Both History and Security Seem Doomed to Repeat Themselves?     

-----------------------------------------------------------------------------------------------](https://www.securityweek.com/failure-rinse-repeat-why-do-both-history-and-security-seem-doomed-to-repeat-themselves/)     

Let’s examine, through the lens of some historic breaches, the five most common mistakes that still serve as a catalyst to compromise.

[Trevin Edgeworth](https://www.securityweek.com/contributors/trevin-edgeworth/ "Posts by Trevin Edgeworth") [Read more](https://www.securityweek.com/failure-rinse-repeat-why-do-both-history-and-security-seem-doomed-to-repeat-themselves/)

[

](https://www.securityweek.com/ai-can-supercharge-productivity-but-we-still-need-a-human-in-the-loop/)

[

AI Can Supercharge Productivity, But We Still Need a Human-in-the-Loop

----------------------------------------------------------------------

](https://www.securityweek.com/ai-can-supercharge-productivity-but-we-still-need-a-human-in-the-loop/)

AI systems can sometimes struggle with complex or nuanced situations, so human intervention can help identify and address potential issues that algorithms might not.

[Marc Solomon](https://www.securityweek.com/contributors/marc-solomon/ "Posts by Marc Solomon") [Read more](https://www.securityweek.com/ai-can-supercharge-productivity-but-we-still-need-a-human-in-the-loop/)

[

](https://www.securityweek.com/how-hackers-manipulate-agentic-ai-with-prompt-engineering/)

[

How Hackers Manipulate Agentic AI With Prompt Engineering

---------------------------------------------------------

](https://www.securityweek.com/how-hackers-manipulate-agentic-ai-with-prompt-engineering/)

Organizations adopting the transformative nature of agentic AI are urged to take heed of prompt engineering tactics being practiced by threat actors.

[Etay Maor](https://www.securityweek.com/contributors/etay-maor/ "Posts by Etay Maor") [Read more](https://www.securityweek.com/how-hackers-manipulate-agentic-ai-with-prompt-engineering/)

[More Expert Insights](/industry-experts)

[](https://ads.securityweek.com/redirect.spark?MID=179018&plid=2803238&setID=432127&channelID=0&CID=1048179&banID=522788111&PID=0&textadID=0&tc=1&rnd=8068195&scheduleID=2738876&adSize=300x250&mt=1741435160698255&sw=1920&sh=1080&spr=1&referrer=https%3A%2F%2Fwww.securityweek.com%2F&hc=1ec355051886f39484f5204965fb2f6ec9451c95&location=)

#### Trending

[House Passes Bill Requiring Federal Contractors to Implement Vulnerability Disclosure Policies](https://www.securityweek.com/federal-contractor-cybersecurity-bill-passes-house/)

----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------

[Exploited VMware ESXi Flaws Put Many at Risk of Ransomware, Other Attacks](https://www.securityweek.com/exploited-vmware-esxi-flaws-put-many-at-risk-of-ransomware-other-attacks/)

-----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------

[18,000 Organizations Impacted by NTT Com Data Breach](https://www.securityweek.com/18000-organizations-impacted-by-ntt-com-data-breach/)

-----------------------------------------------------------------------------------------------------------------------------------------

[China Hackers Behind US Treasury Breach Caught Targeting IT Supply Chain](https://www.securityweek.com/china-hackers-behind-us-treasury-breach-caught-targeting-it-supply-chain/)

----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------

[Broadcom Patches 3 VMware Zero-Days Exploited in the Wild](https://www.securityweek.com/broadcom-patches-3-vmware-zero-days-exploited-in-the-wild/)

----------------------------------------------------------------------------------------------------------------------------------------------------

[Chrome 134, Firefox 136 Patch High-Severity Vulnerabilities](https://www.securityweek.com/chrome-134-firefox-136-patch-high-severity-vulnerabilities/)

-------------------------------------------------------------------------------------------------------------------------------------------------------

[Nigerian Accused of Hacking Tax Preparation Firms Extradited to US](https://www.securityweek.com/nigerian-accused-of-hacking-tax-preparation-firms-extradited-to-us/)

----------------------------------------------------------------------------------------------------------------------------------------------------------------------

[FBI Says North Korea Hacked Bybit as Details of $1.5B Heist Emerge](https://www.securityweek.com/fbi-says-north-korea-hacked-bybit-as-details-of-1-5b-heist-emerge/)

---------------------------------------------------------------------------------------------------------------------------------------------------------------------

Daily Briefing Newsletter

-------------------------

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

*   [Facebook](https://web.facebook.com/SecurityWeekCom-366251913615)

*   [X](https://x.com/securityweek)

*   [Linkedin](https://www.linkedin.com/company/securityweek/)

*   [SecurityWeek RSS Feed](https://feeds.feedburner.com/securityweek)

[

Webinar: Protecting Executives and Enterprises from Digital, Narrative and Physical Attacks

-------------------------------------------------------------------------------------------

](https://event.on24.com/wcc/r/4862541/582373A839B134B0ACD8F74EDF5C61CD?partnerref=hwidget)

March 12, 2025

Join this in-depth briefing on how to protect executives and the enterprises they lead from the growing convergence of digital, narrative, and physical attacks.

[Register](https://event.on24.com/wcc/r/4862541/582373A839B134B0ACD8F74EDF5C61CD?partnerref=hwidget)

[

Webinar: Which Security Testing Approach is Right for You?

----------------------------------------------------------

](https://event.on24.com/wcc/r/4871027/4FB2BD96524415E88F9B2D179FBB3A75?partnerref=hwidget)

March 25, 2025

This webinar will guide you in aligning your security testing strategy with the right tools, helping you move beyond identifying weaknesses to effectively validating your overall security posture.

[Register](https://event.on24.com/wcc/r/4871027/4FB2BD96524415E88F9B2D179FBB3A75?partnerref=hwidget)

[](/category/ma)

*   [

    Armis Acquires Otorio to Expand OT and CPS Security Suite

    ---------------------------------------------------------

    ](https://www.securityweek.com/armis-acquires-otorio-to-expand-ot-and-cps-security-suite/)

*   [

    Jamf to Acquire Identity Automation for $215 Million

    ----------------------------------------------------

    ](https://www.securityweek.com/jamf-to-acquire-identity-automation-for-215-million/)

*   [

    Cybersecurity M&A Roundup: 28 Deals Announced in February 2025

    --------------------------------------------------------------

    ](https://www.securityweek.com/cybersecurity-ma-roundup-28-deals-announced-in-february-2025/)

*   [

    CyberArk Expands Identity Security Play With $165M Acquisition of Zilla Security

    --------------------------------------------------------------------------------

    ](https://www.securityweek.com/cyberark-expands-identity-security-play-with-165m-acquisition-of-zilla-security/)

*   [

    SecurityWeek Analysis: Over 400 Cybersecurity M&A Deals Announced in 2024

    -------------------------------------------------------------------------

    ](https://www.securityweek.com/securityweek-analysis-over-400-cybersecurity-ma-deals-announced-in-2024/)

[](https://www.securityweek.com/topics/cyberinsights2025/)

*   [

    Cyber Insights 2025: OT Security

    --------------------------------

    ](https://www.securityweek.com/cyber-insights-2025-ot-security/)

*   [

    Cyber Insights 2025: The CISO Outlook

    -------------------------------------

    ](https://www.securityweek.com/cyber-insights-2025-the-ciso-outlook/)

*   [

    Cyber Insights 2025: Quantum and the Threat to Encryption

    ---------------------------------------------------------

    ](https://www.securityweek.com/cyber-insights-2025-quantum-and-the-threat-to-encryption/)

*   [

    Cyber Insights 2025: Cyberinsurance – The Debate Continues

    ----------------------------------------------------------

    ](https://www.securityweek.com/cyber-insights-2025-cyberinsurance-the-debate-continues/)

*   [

    Cyber Insights 2025: Artificial Intelligence

    --------------------------------------------

    ](https://www.securityweek.com/cyber-insights-2025-artificial-intelligence/)

*   [

    Cyber Insights 2025: Cybersecurity Regulatory Mayhem

    ----------------------------------------------------

    ](https://www.securityweek.com/cyber-insights-2025-cybersecurity-regulatory-mayhem/)

[](/topics/hacker-conversations/)

*   [

    Hacker Conversations: David Kennedy – an Atypical Typical Hacker

    ----------------------------------------------------------------

    ](https://www.securityweek.com/hacker-conversations-david-kennedy-an-atypical-typical-hacker/)

*   [

    Hacker Conversations: Dan McInerney and Puzzle-Driven Hacking

    -------------------------------------------------------------

    ](https://www.securityweek.com/hacker-conversations-dan-mcinerney-and-puzzle-driven-hacking/)

*   [

    Hacker Conversations: Joe Grand – Mischiefmaker, Troublemaker, Teacher

    ----------------------------------------------------------------------

    ](https://www.securityweek.com/hacker-conversations-joe-grand-mischiefmaker-troublemaker-teacher/)

*   [

    Hacker Conversations: Tom Anthony and Scratching an Itch Without Doing Harm

    ---------------------------------------------------------------------------

    ](https://www.securityweek.com/hacker-conversations-tom-anthony-and-scratching-an-itch-without-doing-harm/)

*   [

    Hacker Conversations: Chris Evans, Hacker and CISO

    --------------------------------------------------

    ](https://www.securityweek.com/hacker-conversations-chris-evans-hacker-and-ciso/)

[](/category/ciso-conversations)

*   [

    CISO Conversations: Kevin Winter at Deloitte and Richard Marcus at AuditBoard

    -----------------------------------------------------------------------------

    ](https://www.securityweek.com/ciso-conversations-kevin-winter-at-deloitte-and-richard-marcus-at-auditboard/)

*   [

    CISO Conversations: Julien Soriano (Box) and Chris Peake (Smartsheet)

    ---------------------------------------------------------------------

    ](https://www.securityweek.com/ciso-conversations-julien-soriano-box-and-chris-peake-smartsheet/)

*   [

    CISO Conversations: Jaya Baloo From Rapid7 and Jonathan Trull From Qualys

    -------------------------------------------------------------------------

    ](https://www.securityweek.com/ciso-conversations-jaya-baloo-from-rapid7-and-jonathan-trull-from-qualys/)

*   [

    CISO Conversations: Frank Kim (YL Ventures) and Charles Blauner (Team8)

    -----------------------------------------------------------------------

    ](https://www.securityweek.com/ciso-conversations-frank-kim-yl-ventures-and-charles-blauner-team8/)

*   [

    CISO Conversations: LinkedIn’s Geoff Belknap and Meta’s Guy Rosen

    -----------------------------------------------------------------

    ](https://www.securityweek.com/ciso-conversations-talking-cybersecurity-with-linkedins-geoff-belknap-and-metas-guy-rosen/)

#### Upcoming Cybersecurity Events

[](https://www.airisksummit.com/)

The AI Risk Summit brings together security and risk management executives, AI researchers, policy makers, software developers and influential business and government stakeholders. \[June 2025, Stay Tuned\]

[Learn More](https://www.airisksummit.com/)

[](https://www.cisoforum.com/)

SecurityWeek’s CISO Forum Summer Summit & Golf Classic will take place June 25-26 at the Ritz-Carlton, Half Moon Bay, CA

[Learn More](https://www.cisoforum.com/)

[](https://www.securitysummits.com/event/cyber-ai-automation-summit/)

SecurityWeek’s Ransomware Resilience and Recovery Summit helps businesses to plan, prepare, and recover from a ransomware incident.**(February 26, 2025)**

[Learn More](https://www.securitysummits.com/event/cyber-ai-automation-summit/)

[](https://www.securitysummits.com/event/supply-chain-security-summit/)

**Supply Chain Security Summit**  

Join us as we explore the critical nature of software and vendor supply chain security issues with a focus on understanding how attacks against identity infrastructure come with major cascading effects. **(March 19, 2025)**

[Learn More](https://www.securitysummits.com/event/supply-chain-security-summit/)

#### Vulnerabilities

*   [](https://www.securityweek.com/in-other-news-entrysign-amd-flaw-massive-attack-targets-isps-enisa-report/)

    [

    In Other News: EntrySign AMD Flaw, Massive Attack Targets ISPs, ENISA Report

    ----------------------------------------------------------------------------

    ](https://www.securityweek.com/in-other-news-entrysign-amd-flaw-massive-attack-targets-isps-enisa-report/)

    Noteworthy stories that might have slipped under the radar: Google discloses AMD CPU flaw named EntrySign, ISPs in the US and China targeted in… (March 7, 2025)

*   [](https://www.securityweek.com/exploited-vmware-esxi-flaws-put-many-at-risk-of-ransomware-other-attacks/)

    [

    Exploited VMware ESXi Flaws Put Many at Risk of Ransomware, Other Attacks

    -------------------------------------------------------------------------

    ](https://www.securityweek.com/exploited-vmware-esxi-flaws-put-many-at-risk-of-ransomware-other-attacks/)

    Scans show that tens of thousands of VMware ESXi instances are affected by CVE-2025-22224 and other vulnerabilities disclosed recently as zero-days. (March 6, 2025)

*   [](https://www.securityweek.com/chrome-134-firefox-136-patch-high-severity-vulnerabilities/)

    [

    Chrome 134, Firefox 136 Patch High-Severity Vulnerabilities

    -----------------------------------------------------------

    ](https://www.securityweek.com/chrome-134-firefox-136-patch-high-severity-vulnerabilities/)

    Chrome 134 and Firefox 136 are rolling out across desktop and mobile with patches for multiple high-severity vulnerabilities. (March 5, 2025)

*   [](https://www.securityweek.com/vulnerabilities-patched-in-qualcomm-mediatek-chipsets/)

    [

    Vulnerabilities Patched in Qualcomm, Mediatek Chipsets

    ------------------------------------------------------

    ](https://www.securityweek.com/vulnerabilities-patched-in-qualcomm-mediatek-chipsets/)

    Chip makers Qualcomm and Mediatek have released patches for many vulnerabilities across their products. (March 4, 2025)

#### Cybercrime

*   [](https://www.securityweek.com/fbi-fake-ransomware-attack-claims-sent-to-us-executives-via-snail-mail/)

    [FBI: Fake Ransomware Attack Claims Sent to US Executives via Snail Mail 

    ------------------------------------------------------------------------](https://www.securityweek.com/fbi-fake-ransomware-attack-claims-sent-to-us-executives-via-snail-mail/) 

    An extortion group has been sending physical mail to corporate executives, threatening to leak their data unless a ransom is paid. (March 7, 2025)

*   [](https://www.securityweek.com/cyberattack-disrupts-national-presto-industries-operations/ "Cyberattack Disrupts National Presto Industries Operations")

    [

    Cyberattack Disrupts National Presto Industries Operations

    ----------------------------------------------------------

    ](https://www.securityweek.com/cyberattack-disrupts-national-presto-industries-operations/)

    National Presto Industries says a cyberattack has resulted in a system outage and operational disruptions. (March 7, 2025)

*   [](https://www.securityweek.com/nigerian-accused-of-hacking-tax-preparation-firms-extradited-to-us/ "Nigerian Accused of Hacking Tax Preparation Firms Extradited to US")

    [

    Nigerian Accused of Hacking Tax Preparation Firms Extradited to US

    ------------------------------------------------------------------

    ](https://www.securityweek.com/nigerian-accused-of-hacking-tax-preparation-firms-extradited-to-us/)

    Matthew Akande was extradited to the US to face charges for his role in hacking into Massachusetts tax preparation firms’ networks. (March 6, 2025)

*   [](https://www.securityweek.com/us-sanctions-iranian-administrator-of-nemesis-darknet-marketplace/)

    [

    US Sanctions Iranian Administrator of Nemesis Darknet Marketplace

    -----------------------------------------------------------------

    ](https://www.securityweek.com/us-sanctions-iranian-administrator-of-nemesis-darknet-marketplace/)

    Iranian national Behrouz Parsarad sanctioned for running Nemesis, a marketplace used for narcotics trafficking and cybercrime.  (March 5, 2025)

[

US Seize Garantex in Cryptocurrency Money Laundering Bust

---------------------------------------------------------

](https://www.securityweek.com/us-seize-garantex-in-cryptocurrency-money-laundering-bust/)

Two men linked to Garantex are accused of facilitating multi-billion dollar money laundering and sanctions violations.

March 7, 2025 

[

In Other News: EntrySign AMD Flaw, Massive Attack Targets ISPs, ENISA Report

----------------------------------------------------------------------------

](https://www.securityweek.com/in-other-news-entrysign-amd-flaw-massive-attack-targets-isps-enisa-report/)

Noteworthy stories that might have slipped under the radar: Google discloses AMD CPU flaw named EntrySign, ISPs in the US and China targeted in massive attack, ENISA report on NIS2 Directive.

March 7, 2025 

[

Edimax Camera Zero-Day Disclosed by CISA Exploited by Botnets

-------------------------------------------------------------

](https://www.securityweek.com/edimax-camera-zero-day-disclosed-by-cisa-exploited-by-botnets/)

Multiple Mirai-based botnets are exploiting CVE-2025-1316, an Edimax IP camera vulnerability that allows remote command execution.

March 7, 2025 

[FBI: Fake Ransomware Attack Claims Sent to US Executives via Snail Mail 

------------------------------------------------------------------------](https://www.securityweek.com/fbi-fake-ransomware-attack-claims-sent-to-us-executives-via-snail-mail/) 

An extortion group has been sending physical mail to corporate executives, threatening to leak their data unless a ransom is paid.

March 7, 2025 

[Microsoft Says One Million Devices Impacted by Infostealer Campaign 

--------------------------------------------------------------------](https://www.securityweek.com/microsoft-says-one-million-devices-impacted-by-infostealer-campaign/) 

Microsoft has uncovered a malvertising campaign that redirected users to information stealers hosted on GitHub.

March 7, 2025 

[

Cyberattack Disrupts National Presto Industries Operations

----------------------------------------------------------

](https://www.securityweek.com/cyberattack-disrupts-national-presto-industries-operations/)

National Presto Industries says a cyberattack has resulted in a system outage and operational disruptions.

March 7, 2025 

[

18,000 Organizations Impacted by NTT Com Data Breach

----------------------------------------------------

](https://www.securityweek.com/18000-organizations-impacted-by-ntt-com-data-breach/)

NTT Communications Corporation has disclosed a data breach impacting the information of nearly 18,000 customer organizations.

March 7, 2025 

[

Many Schools Report Data Breach After Retirement Services Firm Hit by Ransomware

--------------------------------------------------------------------------------

](https://www.securityweek.com/many-schools-report-data-breach-after-retirement-services-firm-hit-by-ransomware/)

Dozens of schools and thousands of individuals are impacted by a data breach resulting from a ransomware attack on Carruth Compliance Consulting.

March 7, 2025 

[

New AI Protection from Google Cloud Tackles AI Risks, Threats, and Compliance

-----------------------------------------------------------------------------

](https://www.securityweek.com/new-ai-protection-from-google-cloud-tackles-ai-risks-threats-and-compliance/)

Google Cloud’s AI Protection helps discover AI inventory, secure AI assets, and manage threats with detect, investigate, and respond capabilities.

March 7, 2025 

[

Medusa Ransomware Attacks Increase

----------------------------------

](https://www.securityweek.com/medusa-ransomware-attacks-increase/)

The number of Medusa ransomware attacks observed in the first two months of 2025 doubled compared to the same period last year.

March 7, 2025 

[

Armis Acquires Otorio to Expand OT and CPS Security Suite

---------------------------------------------------------

](https://www.securityweek.com/armis-acquires-otorio-to-expand-ot-and-cps-security-suite/)

The transaction is valued in the range of $120 million and gives Armis an on-premises CPS solution

March 6, 2025 

[

How Social Engineering Sparked a Billion-Dollar Supply Chain Cryptocurrency Heist

---------------------------------------------------------------------------------

](https://www.securityweek.com/how-social-engineering-sparked-a-billion-dollar-supply-chain-cryptocurrency-heist/)

The $1.4 billion ByBit cryptocurrency heist combined social engineering, stolen AWS session tokens, MFA bypasses and a rigged JavaScript file.

March 6, 2025 

[

House Passes Bill Requiring Federal Contractors to Implement Vulnerability Disclosure Policies

----------------------------------------------------------------------------------------------

](https://www.securityweek.com/federal-contractor-cybersecurity-bill-passes-house/)

The House of Representatives has passed a bill aimed at requiring federal contractors to have a Vulnerability Disclosure Policy (VDP).

March 6, 2025 

[

Nigerian Accused of Hacking Tax Preparation Firms Extradited to US

------------------------------------------------------------------

](https://www.securityweek.com/nigerian-accused-of-hacking-tax-preparation-firms-extradited-to-us/)

Matthew Akande was extradited to the US to face charges for his role in hacking into Massachusetts tax preparation firms’ networks.

March 6, 2025 

[

Financial Organizations Urge CISA to Revise Proposed CIRCIA Implementation

--------------------------------------------------------------------------

](https://www.securityweek.com/financial-organizations-urge-cisa-to-revise-proposed-circia-implementation/)

A group of financial organizations is asking CISA to rescind and reissue its proposed implementation of CIRCIA.

March 6, 2025 

[

BadBox Botnet Powered by 1 Million Android Devices Disrupted

------------------------------------------------------------

](https://www.securityweek.com/badbox-botnet-powered-by-1-million-android-devices-disrupted/)

A second iteration of the BadBox botnet that affected over one million Android devices has been partially disrupted.

March 6, 2025 

[More Articles](#)

Page 1 of 19381[2](https://www.securityweek.com/page/2/)[3](https://www.securityweek.com/page/3/)[4](https://www.securityweek.com/page/4/)[5](https://www.securityweek.com/page/5/)[Next ›](https://www.securityweek.com/page/2/)[Last »](https://www.securityweek.com/page/1938/)

[](https://www.icscybersecurityconference.com)

The leading global conference series for Operations, Control Systems and IT/OT Security professionals to connect on SCADA, DCS PLC and field controller cybersecurity.

[Learn More](https://www.icscybersecurityconference.com)

#### Application Security

[

](https://www.securityweek.com/openssf-releases-security-baseline-for-open-source-projects/)

### Application Security

[

OpenSSF Releases Security Baseline for Open Source Projects

-----------------------------------------------------------

](https://www.securityweek.com/openssf-releases-security-baseline-for-open-source-projects/)

The Open Source Security Foundation (OpenSSF) has created a structured set of security requirements for open source projects.

[Eduard Kovacs](https://www.securityweek.com/contributors/eduard-kovacs/ "Posts by Eduard Kovacs")February 26, 2025

[](https://www.securityweek.com/mirrortab-raises-8-5m-seed-round-to-take-on-browser-based-attacks/)

[](https://www.securityweek.com/mirrortab-raises-8-5m-seed-round-to-take-on-browser-based-attacks/)[](https://www.securityweek.com/mirrortab-raises-8-5m-seed-round-to-take-on-browser-based-attacks/ "MirrorTab Raises $8.5M Seed Round to Take on Browser-Based Attacks")

### Application Security

[

MirrorTab Raises $8.5M Seed Round to Take on Browser-Based Attacks

------------------------------------------------------------------

](https://www.securityweek.com/mirrortab-raises-8-5m-seed-round-to-take-on-browser-based-attacks/)

[](https://www.securityweek.com/semgrep-raises-100m-for-ai-powered-code-security-platform/)

[](https://www.securityweek.com/semgrep-raises-100m-for-ai-powered-code-security-platform/)[](https://www.securityweek.com/semgrep-raises-100m-for-ai-powered-code-security-platform/ "Semgrep Raises $100M for AI-Powered Code Security Platform")

### Application Security

[

Semgrep Raises $100M for AI-Powered Code Security Platform

----------------------------------------------------------

](https://www.securityweek.com/semgrep-raises-100m-for-ai-powered-code-security-platform/)

[](https://www.securityweek.com/how-agentic-ai-will-be-weaponized-for-social-engineering-attacks/)

[](https://www.securityweek.com/how-agentic-ai-will-be-weaponized-for-social-engineering-attacks/)[](https://www.securityweek.com/how-agentic-ai-will-be-weaponized-for-social-engineering-attacks/)

### Application Security

[

How Agentic AI will be Weaponized for Social Engineering Attacks

----------------------------------------------------------------

](https://www.securityweek.com/how-agentic-ai-will-be-weaponized-for-social-engineering-attacks/)

#### Cloud Security

### Artificial Intelligence

[

New AI Protection from Google Cloud Tackles AI Risks, Threats, and Compliance

-----------------------------------------------------------------------------

](https://www.securityweek.com/new-ai-protection-from-google-cloud-tackles-ai-risks-threats-and-compliance/)

Google Cloud’s AI Protection helps discover AI inventory, secure AI assets, and manage threats with detect, investigate, and respond capabilities.

[Kevin Townsend](https://www.securityweek.com/contributors/kevin-townsend/ "Posts by Kevin Townsend")1 day ago

[](https://www.securityweek.com/aryon-security-debuts-with-platform-to-prevent-cloud-misconfigurations/)

[](https://www.securityweek.com/aryon-security-debuts-with-platform-to-prevent-cloud-misconfigurations/)[](https://www.securityweek.com/aryon-security-debuts-with-platform-to-prevent-cloud-misconfigurations/)

### Cloud Security

[

Aryon Security Debuts With Platform to Prevent Cloud Misconfigurations

----------------------------------------------------------------------

](https://www.securityweek.com/aryon-security-debuts-with-platform-to-prevent-cloud-misconfigurations/)

[](https://www.securityweek.com/edera-banks-15m-for-kubernetes-workload-isolation-tech/)

[](https://www.securityweek.com/edera-banks-15m-for-kubernetes-workload-isolation-tech/)[](https://www.securityweek.com/edera-banks-15m-for-kubernetes-workload-isolation-tech/ "Edera Banks $15M for Kubernetes Workload Isolation Tech")

### Cloud Security

[

Edera Banks $15M for Kubernetes Workload Isolation Tech

-------------------------------------------------------

](https://www.securityweek.com/edera-banks-15m-for-kubernetes-workload-isolation-tech/)

[](https://www.securityweek.com/rad-security-raises-14-million-for-ai-cloud-security-platform/)

[](https://www.securityweek.com/rad-security-raises-14-million-for-ai-cloud-security-platform/)[](https://www.securityweek.com/rad-security-raises-14-million-for-ai-cloud-security-platform/ "Rad Security Raises $14 Million for AI, Cloud Security Platform ")

### Cloud Security

[Rad Security Raises $14 Million for AI, Cloud Security Platform 

----------------------------------------------------------------](https://www.securityweek.com/rad-security-raises-14-million-for-ai-cloud-security-platform/) 

#### ICS/OT

### Funding/M&A

[

Armis Acquires Otorio to Expand OT and CPS Security Suite

---------------------------------------------------------

](https://www.securityweek.com/armis-acquires-otorio-to-expand-ot-and-cps-security-suite/)

The transaction is valued in the range of $120 million and gives Armis an on-premises CPS solution

[SecurityWeek News](https://www.securityweek.com/contributors/securityweek-news/ "Posts by SecurityWeek News")1 day ago

[](https://www.securityweek.com/organizations-still-not-patching-ot-due-to-disruption-concerns-survey/)

[](https://www.securityweek.com/organizations-still-not-patching-ot-due-to-disruption-concerns-survey/)[](https://www.securityweek.com/organizations-still-not-patching-ot-due-to-disruption-concerns-survey/)

### ICS/OT

[

Organizations Still Not Patching OT Due to Disruption Concerns: Survey

----------------------------------------------------------------------

](https://www.securityweek.com/organizations-still-not-patching-ot-due-to-disruption-concerns-survey/)

[](https://www.securityweek.com/ics-ot-security-budgets-increasing-but-critical-areas-underfunded-report/)

[](https://www.securityweek.com/ics-ot-security-budgets-increasing-but-critical-areas-underfunded-report/)[](https://www.securityweek.com/ics-ot-security-budgets-increasing-but-critical-areas-underfunded-report/ "ICS/OT Security Budgets Increasing, but Critical Areas Underfunded: Report")

### ICS/OT

[

ICS/OT Security Budgets Increasing, but Critical Areas Underfunded: Report

--------------------------------------------------------------------------

](https://www.securityweek.com/ics-ot-security-budgets-increasing-but-critical-areas-underfunded-report/)

[](https://www.securityweek.com/nine-threat-groups-active-in-ot-operations-in-2024-dragos/)

[](https://www.securityweek.com/nine-threat-groups-active-in-ot-operations-in-2024-dragos/)[](https://www.securityweek.com/nine-threat-groups-active-in-ot-operations-in-2024-dragos/)

### ICS/OT

[

Nine Threat Groups Active in OT Operations in 2024: Dragos

----------------------------------------------------------

](https://www.securityweek.com/nine-threat-groups-active-in-ot-operations-in-2024-dragos/)

Daily Briefing Newsletter

-------------------------

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest cybersecurity news, threats, and expert insights. Unsubscribe at any time.

[](https://ads.securityweek.com/redirect.spark?MID=179018&plid=2793753&setID=479628&channelID=0&CID=1041400&banID=522771113&PID=0&textadID=0&tc=1&rnd=8068195&scheduleID=2729057&adSize=640x480&mt=1741435160697950&sw=1920&sh=1080&spr=1&referrer=https%3A%2F%2Fwww.securityweek.com%2F&hc=15467d3055c8ba1e1ffd50846b6f26e56a36e782&location=)

Close