Murdoc Botnet Ensnaring Avtech, Huawei Devices

Trimble Cityworks is affected by a zero-day vulnerability that has been exploited in attacks involving the delivery of malware. The post Trimble Cityworks Customers Warned of Zero-Day Exploitation appeared first on SecurityWeek.

As cloud security evolves in 2025 and beyond, organizations must adapt to both new and evolving realities, including the increasing reliance on cloud infrastructure for AI-driven workflows and the vast quantities of data being migrated to the cloud. But there are other developments that could impact your organizations and drive the need for an even…

Multiple security vulnerabilities have been disclosed in GitHub Desktop as well as other Git-related projects that, if successfully exploited, could permit an attacker to gain unauthorized access to a user’s Git credentials. “Git implements a protocol called Git Credential Protocol to retrieve credentials from the credential helper,” GMO Flatt Security researcher Ry0taK, who discovered the…

I had the honor of hosting the first episode of the Xposure Podcast live from Xposure Summit 2025. And I couldn’t have asked for a better kickoff panel: three cybersecurity leaders who don’t just talk security, they live it. Let me introduce them. Alex Delay, CISO at IDB Bank, knows what it means to defend…

Jagmeet Singh reports: Max Financial Services on Wednesday said its insurance subsidiary Axis Max Life Insurance received communication from an anonymous sender about unauthorized access to its customer data. Without disclosing specifics, the Noida-based financial services company said in its stock exchange filing that Axis Max Life Insurance subsequently initiated an information security assessment and data log…

In the second of a two-part series on tools and frameworks designed to help with remediation prioritization, we explore some alternatives to CVSS