China’s APT41 sent out malicious emails on behalf of Rep. John Moolenaar to collect information ahead of US-China trade talks. The post Chinese Spies Impersonated US Lawmaker to Deliver Malware to Trade Groups: Report appeared first on SecurityWeek. This article…
Tag: securityweek
PromptLock Only PoC, but AI-Powered Ransomware Is Real
PromptLock is only a prototype of LLM-orchestrated ransomware, but hackers already use AI in file encryption and extortion attacks. The post PromptLock Only PoC, but AI-Powered Ransomware Is Real appeared first on SecurityWeek. This article has been indexed from SecurityWeek…
GitHub Workflows Attack Affects Hundreds of Repos, Thousands of Secrets
A supply chain attack called GhostAction has enabled threat actors to steal secrets and exploit them. The post GitHub Workflows Attack Affects Hundreds of Repos, Thousands of Secrets appeared first on SecurityWeek. This article has been indexed from SecurityWeek Read…
Salesloft GitHub Account Compromised Months Before Salesforce Attack
The list of impacted cybersecurity firms has been expanded to include BeyondTrust, Bugcrowd, CyberArk, Cato Networks, JFrog, and Rubrik. The post Salesloft GitHub Account Compromised Months Before Salesforce Attack appeared first on SecurityWeek. This article has been indexed from SecurityWeek…
Over 6,700 Private Repositories Made Public in Nx Supply Chain Attack
The private repositories of hundreds of organizations were published publicly in the second phase of the Nx supply chain attack. The post Over 6,700 Private Repositories Made Public in Nx Supply Chain Attack appeared first on SecurityWeek. This article has…
Fintech Firm Wealthsimple Says Supply Chain Attack Resulted in Data Breach
Canadian firm Wealthsimple says a data breach impacts the information of some customers, but accounts and funds remain secure. The post Fintech Firm Wealthsimple Says Supply Chain Attack Resulted in Data Breach appeared first on SecurityWeek. This article has been…
Cybersecurity M&A Roundup: 27 Deals Announced in August 2025
Significant cybersecurity M&A deals announced by Accenture, CrowdStrike, F5, Okta, and SentinelOne. The post Cybersecurity M&A Roundup: 27 Deals Announced in August 2025 appeared first on SecurityWeek. This article has been indexed from SecurityWeek Read the original article: Cybersecurity M&A…
How to Close the AI Governance Gap in Software Development
Widespread adoption of AI coding tools accelerates development—but also introduces critical vulnerabilities that demand stronger governance and oversight. The post How to Close the AI Governance Gap in Software Development appeared first on SecurityWeek. This article has been indexed from…
Academics Build AI-Powered Android Vulnerability Discovery and Validation Tool
Called A2, the framework mimics human analysis to identify vulnerabilities in Android applications and then validates them. The post Academics Build AI-Powered Android Vulnerability Discovery and Validation Tool appeared first on SecurityWeek. This article has been indexed from SecurityWeek Read…
In Other News: Scammers Abuse Grok, US Manufacturing Attacks, Gmail Security Claims Debunked
Noteworthy stories that might have slipped under the radar: Google fined €325 million, City of Baltimore sent $1.5 million to scammer, Bridgestone targeted in cyberattack. The post In Other News: Scammers Abuse Grok, US Manufacturing Attacks, Gmail Security Claims Debunked…