Information

Turla and Gamaredon Working Together in Fresh Ukrainian Intrusions

Two Russian state-sponsored threat actors have been working together in recent cyberattacks against Ukrainian targets, evidence collected by ESET suggests. Specifically, the company found that, between February and April 2025, tools that Gamaredon had deployed were used to restart and deploy Turla malware on the systems of select victims in Ukraine. Turla, also known as Krypton, Snake, Venomous Bear, and Waterbug, has been active since at least 2004, focusing on high-profile targets, including diplomats and…


ChatGPT Targeted in Server-Side Data Theft Attack

Researchers at web security company Radware recently discovered what they described as a service-side data theft attack method involving ChatGPT.  The attack, dubbed ShadowLeak, targeted ChatGPT’s Deep Research capability, which is designed to conduct multi-step research for complex tasks. OpenAI neutralized ShadowLeak after it was notified by Radware. The ShadowLeak attack did not require any user interaction. The attacker simply needed to send a specially crafted email that when processed by the Deep Research agent…


HybridPetya: The Petya/NotPetya copycat comes with a twist

HybridPetya is the fourth publicly known real or proof-of-concept bootkit with UEFI Secure Boot bypass functionality. 16 Sep 2025. ESET researchers have uncovered a new ransomware strain that they have named HybridPetya. While resembling the infamous Petya/NotPetya malware, it comes with a new and dangerous twist – it adds the ability to compromise UEFI-based systems and weaponize CVE‑2024‑7344 in order to bypass UEFI Secure Boot on outdated systems. HybridPetya is not actively spreading in the…


Virtual Event Today: Attack Surface Management Summit

SecurityWeek’s Attack Surface Management Virtual Summit is now LIVE and runs today from 11AM – 4PM ET. Join the online event where cybersecurity leaders and practitioners will dive into the strategies, tools, and innovations shaping the future of ASM. As digital assets and cloud services continue to expand, defenders are shifting tactics to continuously discover, inventory, classify, prioritize, and monitor their attack surfaces. This summit brings together experts to share real-world lessons, emerging trends, and practical…


CrowdStrike to Acquire Pangea to Launch AI Detection and Response (AIDR)

CrowdStrike on Tuesday said that it would acquire Pangea, a company specializing in AI security, to expand its Falcon platform with new protections designed for enterprise AI systems. The acquisition, announced at CrowdStrike’s Fal.Con 2025 event, is intended to address security challenges specific to the use of AI models, agents, and applications in the workplace. CrowdStrike plans to integrate Pangea’s capabilities to help organizations monitor, control, and secure AI interactions across their infrastructure. The announcement…


Self-Replicating Worm Hits 180+ Software Packages

At least 187 code packages made available through the JavaScript repository NPM have been infected with a self-replicating worm that steals credentials from developers and publishes those secrets on GitHub, experts warn. The malware, which briefly infected multiple code packages from the security vendor CrowdStrike, steals and publishes even more credentials every time an infected package is installed. The novel malware strain is being dubbed Shai-Hulud — after the name for the giant sandworms…


689,000 Affected by Insider Breach at FinWise Bank

Hundreds of thousands of individuals have been impacted by an insider breach experienced by FinWise Bank. FinWise Bank, a Utah-based provider of fintech solutions and banking services, has informed the Maine Attorney General’s Office on behalf of payment solutions provider American First Finance (AFF) that a data breach discovered last year has impacted 689,000 individuals. The incident involved a former FinWise employee accessing data after their employment ended. No additional details have been shared, but…


Introducing HybridPetya: Petya/NotPetya copycat with UEFI Secure Boot bypass

ESET Research has discovered HybridPetya on the VirusTotal sample sharing platform. It is a copycat of the infamous Petya/NotPetya malware, adding the capability of compromising UEFI-based systems and weaponizing CVE‑2024‑7344 to bypass UEFI Secure Boot on outdated systems. Key points of this blogpost: New ransomware samples, which we named HybridPetya, resembling the infamous Petya/NotPetya malware, were uploaded to VirusTotal in February 2025. HybridPetya encrypts the Master File Table, which contains important metadata about all the…


Are cybercriminals hacking your systems – or just logging in?

As bad actors often simply waltz through companies’ digital front doors with a key, here’s how to keep your own door firmly locked tight. Phil Muncaster, 11 Sep 2025. Why break a door down and set the house alarm off when you have a key and a code to walk in silently? This is the rationale behind a trend in cybersecurity where adversaries are increasingly looking to steal…


In Other News: $900k for XSS Bugs, HybridPetya Malware, Burger King Censors Research

SecurityWeek’s cybersecurity news roundup provides a concise compilation of noteworthy stories that might have slipped under the radar. We provide a valuable summary of stories that may not warrant an entire article, but are nonetheless important for a comprehensive understanding of the cybersecurity landscape. Each week, we curate and present a collection of noteworthy developments, ranging from the latest vulnerability discoveries and emerging attack techniques to significant policy changes and industry reports.  Here are this…
