SecurityWeek’s cybersecurity news roundup provides a concise compilation of noteworthy stories that might have slipped under the radar. We provide a valuable summary of stories that may not warrant an entire article, but are nonetheless important for a comprehensive understanding… Read More "In Other News: Gladinet Flaw Exploitation, Attacks on ICS Honeypot, ClayRat Spyware"
Oct 10, 2025Ravie LakshmananVulnerability / Network Security Fortra on Thursday revealed the results of its investigation into CVE-2025-10035, a critical security flaw in GoAnywhere Managed File Transfer (MFT) that’s assessed to have come under active exploitation since at least September… Read More "Fortra Reveals Full Timeline of CVE-2025-10035 Exploitation"
Der Sicherheitsvorfall bei SonicWall ist umfangreicher als bisher angenommen. Tada Images – shutterstock.com Am 17. September gab der Security-Anbieter SonicWall bekannt, dass Cyberkriminelle Backup-Dateien entwendet hätten, die für die Cloud-Sicherung konfiguriert waren. Damals behauptete das Unternehmen, der Vorfall sei auf… Read More "Datenleck bei SonicWall betrifft alle Cloud-Backup-Kunden"
Google has launched a new AI Vulnerability Reward Program (VRP), which is offering base rewards of up to $30,000 for bugs identified in the tech firm’s AI products. The bug bounty program aims to simplify the reporting process for researchers… Read More "Google Launches AI Bug Bounty with $30,000 Top Reward"
“The plans are being used and being built,” says Michael “Barni” Barnhart, a leading authority in North Korean hacking and cyber threats, who works for insider threat security firm DTEX. Along with other DPRK researchers, who call themselves a “Misfit”… Read More "North Korean Scammers Are Doing Architectural Design Now"
A newly identified botnet takes a ‘shotgun’ approach to compromising devices, packing over 50 exploits targeting routers, servers, cameras, and other network products, Trend Micro reports. Dubbed RondoDox, the botnet began activities in mid-2025 and was associated with the exploitation… Read More "RondoDox Botnet Takes ‘Exploit Shotgun’ Approach"
The SOC of 2026 will no longer be a human-only battlefield. As organizations scale and threats evolve in sophistication and velocity, a new generation of AI-powered agents is reshaping how Security Operations Centers (SOCs) detect, respond, and adapt. But not… Read More "What Sets Top-Tier Platforms Apart?"
Salesforce rekrutiert Security- und Privacy-Agenten Salesforce erweitert seine KI-Plattform für den Einsatz im Bereich Security und Privacy. Im Security Center soll Agentforce neue Sicherheitsfunktionen hinzufügen. Dazu zählen schnelle, gründliche Sicherheitsanalysen, Unterstützung beim Beheben von Sicherheitsvorfällen oder autonomes Thread Detection und… Read More "it-sa-Special"
The Clop ransomware group likely began targeting Oracle E-Business Suite (EBS) instances as early as August 9, successfully exfiltrating a “significant amount” of data new insights from Google Threat Intelligence Group (GTIG) and Mandiant have revealed. An individual or group… Read More "Google: Clop Accessed “Significant Amount” of Data in Oracle EBS Explo"
The line between the digital and physical worlds blurs completely when a cyber attack results in widespread, tangible disruption. For thousands of travelers, this became a harsh reality when major European airports were forced to delay flights due to a… Read More "Grounded: The ARINC vMUSE Attack Disrupting Multiple Airports"
