Moving CVEs past one-nation control
A near-miss episode of attempted defunding spotlights a need for a better way
A top White House official said at least eight U.S. telecom firms and dozens of nations have been impacted by a Chinese hacking campaign. The post A 9th Telecoms Firm Has Been Hit by a Massive Chinese Espionage Campaign, the White House Says appeared first on SecurityWeek.
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Friday added a critical security flaw impacting Oracle Identity Manager to its Known Exploited Vulnerabilities (KEV) catalog, citing evidence of active exploitation. The vulnerability in question is CVE-2025-61757 (CVSS score: 9.8), a case of missing authentication for a critical function that can result in pre-authenticated
Threat actors with ties to Iran engaged in cyber warfare as part of efforts to facilitate and enhance physical, real-world attacks, a trend that Amazon has called cyber-enabled kinetic targeting. The development is a sign that the lines between state-sponsored cyber attacks and kinetic warfare are increasingly blurring, necessitating the need for a new category…
Mezha reports: As reported in the court’s verdict: In Khmelnytskyi, a court sentenced a 16-year-old girl for transmitting data about military facilities to a Russian intelligence officer who paid 3,802 hryvnias for it. She admitted her guilt, and the court’s verdict confirmed the facts of cooperation with a foreign agent. The decision is described in the…
Are you a security researcher or a journalist in the cybersecurity/cybercrime space? DataBreaches.net and Zack Whittaker at this.weekinsecurity.com are conducting a survey on the types of threats that researchers and journalists have experienced, including legal threats or legal process and threats of violence by cybercriminals. The survey is at https://forms.gle/. Please complete the survey and…
The North Korean threat actors linked to the Contagious Interview campaign have been observed publishing another set of 67 malicious packages to the npm registry, underscoring ongoing attempts to poison the open-source ecosystem via software supply chain attacks. The packages, per Socket, have attracted more than 17,000 downloads, and incorporate a previously undocumented version of…