Information

Gamaredon in 2025: Leveraging tunnels, workers, dead drops, and new alliances

Cyberespionage has remained a constant feature of Russia’s war against Ukraine. ESET Research has long tracked Gamaredon, one of the most active Russia-aligned advanced persistent threat (APT) groups targeting Ukraine. The group, attributed by the Security Service of Ukraine (SSU) to the 18th Center of Information Security of Russia’s FSB, maintained a high operational tempo throughout 2025. In our latest research, we analyze Gamaredon’s activity during 2025, including new tools added to its arsenal, significant…

Read More

Linux Foundation Unveils New Open Source Security Project Akrites

The Linux Foundation on Thursday announced a new industry effort aimed at efficiently addressing vulnerabilities in the open source software (OSS) ecosystem. Named Akrites, it establishes a shared Security Incident Response Team (SIRT) for coordinated discovery, patching, and public disclosure of OSS security defects. If it sounds familiar, it should. Less than two weeks ago, Chainguard announced Athena, a coalition of over two dozen fintech and technology organizations aimed at addressing OSS bugs before public…

Read More

ESET takes part in Operation Endgame to disrupt Amadey and Stealc

A year ago, ESET Research was part of two major operations that disrupted some of the leading cybercriminal operations at the time, Lumma Stealer and Danabot. More recently, our researchers are once again collaborating with private partners and law enforcement, but this time taking aim at the Amadey botnet and Stealc infostealer, both provided via malware-as-a-service (MaaS) offerings. Operation Endgame – coordinated by Microsoft Digital Crimes Unit (DCU), BitSight, Lumen, Mitsui Bussan Secure Directions (MBSD),…

Read More

25-Year-Old Vulnerability Patched in Curl

The open source data transfer tool and library curl has been updated this week with patches for 18 vulnerabilities, including one introduced 25 years ago. The flaws, four medium and 14 low-severity, were discovered as part of a community effort after Anthropic’s Mythos discovered a single curl bug in early May. This release resolves the highest number of CVEs patched with a single curl update, including an issue that was introduced in version 7.7, shipped…

Read More

Webinar Today: Modern Exposure Validation in the AI Era

Weeks to hours. That’s how fast AI now turns a new vulnerability into a working exploit. Patch-and-pentest cycles were built for a slower world. The question has changed from “are we patched?” to “are we secure right now, and can we prove it?” Here’s the hard truth: finding exposures was never the problem. Proving which ones an attacker could actually use, and deciding the right call on evidence, is the hard part. And no single tool gets…

Read More

Scattered Spider Hackers Plead Guilty on Day 1 of Trial

Two men pleaded guilty in the United Kingdom this week to criminal charges stemming from an August 2024 cyberattack that crippled Transport for London, the entity responsible for the public transport network in the Greater London area. The duo were key members of a prolific cybercrime group known as Scattered Spider, and their guilty pleas came on the first day of what was expected to be a six-week trial. Owen Flowers (left) 18, and Thalha…

Read More

Canadian Electricity Provider London Hydro Discloses Data Breach

Canadian electricity provider London Hydro is investigating a data breach that potentially impacted the personal and account information of its customers. London Hydro is a local distribution company serving the City of London, Ontario. It serves roughly 170,000 residential, institutional, commercial, and industrial customers. On June 20, the electricity provider announced that hackers had broken into its systems and that customers’ data was likely accessed. “London Hydro and the appropriate authorities are currently investigating a…

Read More

Fortinet Responds to FortiBleed Campaign

Fortinet says the large-scale credential-harvesting campaign currently targeting its customers’ firewalls and VPNs does not exploit new vulnerabilities. As part of the campaign, tracked as FortiBleed, threat actors have compiled a database of over 86,000 confirmed working credentials for Fortinet devices in 194 countries. “Based on our initial analysis, we believe the activity involves threat actors reusing credentials from previous incidents and employing brute-force techniques against devices with weak password hygiene and no multi-factor authentication…

Read More

French President Urges US to Share Cutting-Edge AI and Democracies to Cooperate on Regulation

French President Emmanuel Macron on Wednesday urged the world’s wealthy democracies to work together on regulating advanced artificial intelligence systems, speaking at a high-level meeting that included top AI executives. OpenAI CEO Sam Altman issued a similar plea at the Group of Seven summit of major industrialized nations in France, saying an “international forum” is needed for countries to draw up AI guardrails. He said the task of AI safety should not be left to…

Read More

In Other News: Apple Patches Beats Eavesdropping Flaw, DOT Closes Delta CrowdStrike Probe, AWS Continuum

SecurityWeek’s weekly cybersecurity news roundup offers a concise overview of important developments that may not receive full standalone coverage but remain relevant to the broader threat landscape. This curated summary highlights key stories across vulnerability disclosures, emerging attack methods, policy updates, industry reports, and other noteworthy events to help readers maintain a well-rounded awareness of the evolving cybersecurity environment. Here are this week’s highlights: 10-year-old phpBB flaw enables session hijacking Researchers uncovered a critical authentication…

Read More