SecurityWeek

CISA Warns of Exploited Flaw in Asus Update Tool

CISA warns of attacks exploiting CVE-2025-59374, a backdoor introduced in the Asus Live Update tool in a supply chain attack.
SecurityWeek

SonicWall Patches Exploited SMA 1000 Zero-Day

Threat actors are chaining CVE-2025-40602, a fresh SonicWall zero-day, with CVE-2025-23006 for unauthenticated remote code ...
SecurityWeek

France Probes ‘Foreign Interference’ After Remote Control Malware Found on Passenger Ferry

France’s counterespionage agency is investigating a suspected cyberattack plot targeting an international passenger ferry ...
SecurityWeek

China-Linked Hackers Exploiting Zero-Day in Cisco Security Gear

Chinese threat group UAT-9686 has been exploiting the zero-day CVE-2025-20393 to hack Cisco security appliances.
SecurityWeek

HPE Patches Critical Flaw in IT Infrastructure Management Software

HPE has released patches for a critical-severity OneView vulnerability that could lead to unauthenticated remote code ...
SecurityWeek

IoT Security Firm Exein Raises €100 Million

Italy-based IoT security firm Exein has raised another €100 million ($117 million) to accelerate its global expansion.
SecurityWeek

UEFI Vulnerability in Major Motherboards Enables Early-Boot Attacks

Motherboards from several major vendors are affected by a vulnerability that can allow a threat actor to conduct early-boot attacks.
SecurityWeek

113,000 Impacted by Data Breach at Virginia Mental Health Authority

A ransomware group stole the personal information of over 113,000 people from Richmond Behavioral Health Authority’s network.