SecurityWeek Briefing.

February 21, 2025

"Black Basta chats leaked, New SEC Cyber Units, and DOGE site hacked."

Views expressed in this cybersecurity, cyber crime update are those of the reporters and correspondents. Accessed on 21 February 2025, 1411 UTC.

Content and Source: Email subscription via https://feedly.com.

https://feedly.com/i/subscription/feed%2Fhttp%3A%2F%2Ffeeds.feedburner.com%2FSecurityweek

Please scroll down to read your selections. Thanks for joining us today.

Russ Roberts (https://www.hawaiicybersecurityjournal.net).

SecurityWeek

84K followers49 articles per week
#security #tech
68

Today

In Other News: Black Basta Chats Leaked, New SEC Cyber Unit, DOGE Site Hacked
by SecurityWeek News / 30min
Noteworthy stories that might have slipped under the radar: Black Basta ransomware chat logs leaked, SEC launches new cyber unit, DOGE website hacked. The post appeared first on SecurityWeek .
Vulnerabilities in MongoDB Library Allow RCE on Node.js Servers
3 TTPs
•
by Ionut Arghire / 58min
OPSWAT details two critical vulnerabilities in the Mongoose ODM library for MongoDB leading to remote code execution on the Node.js server. The post appeared first on SecurityWeek .
How China Pinned University Cyberattacks on NSA Hackers
8 TTPs
•
by Ionut Arghire / 1h
•
NSA cyber operations against China revealed
A researcher dives into Chinese reports attributing cyberattacks on Northwestern Polytechnical University to the NSA’s TAO division. The post appeared first on SecurityWeek .
CISA Warns of Attacks Exploiting Craft CMS Vulnerability
2 TTPs
•
by Eduard Kovacs / 2h
CISA has added a Craft CMS flaw tracked as CVE-2025-23209 to its Known Exploited Vulnerabilities (KEV) catalog. The post appeared first on SecurityWeek .
Second Recently Patched Flaw Exploited to Hack Palo Alto Firewalls
2 TTPs
•
by Eduard Kovacs / 3h
Palo Alto Networks is warning customers that a second vulnerability patched in February is being exploited in attacks. The post appeared first on SecurityWeek .

Yesterday

Chinese APT Tools Found in Ransomware Schemes, Blurring Attribution Lines
6 TTPs
•
by Ryan Naraine / 21h
•
Hacking groups collaborate for profit
China-linked cyberespionage toolkits are popping up in ransomware attacks, forcing defenders to rethink how they combat state-backed hackers. The post appeared first on SecurityWeek .
Mining Company NioCorp Loses $500,000 in BEC Hack
2 TTPs
•
by Eduard Kovacs / 22h
•
NioCorp reports cybersecurity incident
NioCorp Developments has informed the SEC that it lost $0.5 million after its systems were compromised. The post appeared first on SecurityWeek .
AI Can Supercharge Productivity, But We Still Need a Human-in-the-Loop
by Marc Solomon / 23h
AI systems can sometimes struggle with complex or nuanced situations, so human intervention can help identify and address potential issues that algorithms might not. The post appeared first on SecurityWeek .
Atlassian Patches Critical Vulnerabilities in Confluence, Crowd
4 TTPs
•
by Ionut Arghire / 1d
Atlassian has released patches for 12 critical- and high-severity vulnerabilities in Bamboo, Bitbucket, Confluence, Crowd, and Jira. The post appeared first on SecurityWeek .
CISA, FBI Warn of China-Linked Ghost Ransomware Attacks
21 TTPs
•
by Ionut Arghire / 1d
CISA and the FBI warn organizations of attacks employing the Ghost (Cring) ransomware, operated by Chinese hackers. The post appeared first on SecurityWeek .
PoC Exploit Published for Critical Ivanti EPM Vulnerabilities
4 TTPs
•
by Ionut Arghire / 1d
Proof-of-concept (PoC) code and technical details on four critical-severity Ivanti EPM vulnerabilities are now available. The post appeared first on SecurityWeek .
US Military Health Provider HNFS Pays $11M in Settlement Over Cybersecurity Failures
Health Net Centene cybersecurity settlement 11M
•
by Ionut Arghire / 1d
US military health benefits program administrator HNFS to pay $11 million in settlement over its false claims of cybersecurity compliance. The post appeared first on SecurityWeek .
Microsoft Patches Exploited Power Pages Vulnerability
Privilege Escalation (Enterprise TA0004)
•
by Eduard Kovacs / 1d
•
CVE-2025-24989
Microsoft has patched CVE-2025-24989, a Power Pages privilege escalation vulnerability that has been exploited in attacks. The post appeared first on SecurityWeek .

Feb 19, 2025

How Hackers Manipulate Agentic AI With Prompt Engineering
by Etay Maor / 1d
Organizations adopting the transformative nature of agentic AI are urged to take heed of prompt engineering tactics being practiced by threat actors. The post appeared first on SecurityWeek .
CISO Conversations: Kevin Winter at Deloitte and Richard Marcus at AuditBoard
by Kevin Townsend / 1d
SecurityWeek speaks with Kevin Winter, Global CISO at Deloitte, and Richard Marcus, CISO at AuditBoard. The post appeared first on SecurityWeek .
Blockaid Raises $50 Million to Secure Blockchain Applications
Blockaid raises 50M Series B
•
by Ionut Arghire / 2d
Blockaid raises $50 million in Series B funding to scale operations to meet demand for its blockchain application security platform. The post appeared first on SecurityWeek .
OpenSSH Patches Vulnerabilities Allowing MitM, DoS Attacks
5 TTPs
•
by Ionut Arghire / 2d
•
CVE-2025-26465
The latest OpenSSH update patches two vulnerabilities, including one that enabled MitM attacks with no user interaction. The post appeared first on SecurityWeek .
VC Firm Insight Partners Hacked
Insight Partners suffers cyberattack
•
by Eduard Kovacs / 2d
Venture capital firm Insight Partners has been targeted in a cyberattack that involved unauthorized access to its information systems. The post appeared first on SecurityWeek .
Chrome 133, Firefox 135 Updates Patch High-Severity Vulnerabilities
2 TTPs
•
by Ionut Arghire / 2d
Google and Mozilla resolve high-severity memory safety vulnerabilities with the latest Chrome and Firefox security updates. The post appeared first on SecurityWeek .
New FrigidStealer macOS Malware Distributed as Fake Browser Update
11 TTPs
•
by Ionut Arghire / 2d
A recently identified macOS infostealer named FrigidStealer has been distributed through a compromised website, as a fake browser update. The post appeared first on SecurityWeek .
Free Diagram Tool Aids Management of Complex ICS/OT Cybersecurity Decisions
by Eduard Kovacs / 2d
Admeritia has launched Cyber Decision Diagrams, a free tool designed to help organizations manage complex decisions related to ICS/OT cybersecurity. The post appeared first on SecurityWeek .
Lee Enterprises Newspaper Disruptions Caused by Ransomware
3 TTPs
•
by Eduard Kovacs / 2d
•
Cyberattack disrupts Oregon newspaper printing
Lee Enterprises has shared more details on the recent cyberattack, saying the attackers encrypted and stole files. The post appeared first on SecurityWeek .
How Russian Hackers Are Exploiting Signal ‘Linked Devices’ Feature for Real-Time Spying
Russian hackers target Signal Messenger
•
by Ryan Naraine / 2d
Mandiant warns that multiple Russian APTs are abusing a nifty Signal Messenger feature to surreptitiously spy on encrypted conversations. The post appeared first on SecurityWeek .

Feb 18, 2025

Pangea Launches AI Guard and Prompt Guard to Combat Gen-AI Security Risks
Pangea launches AI security tools
•
by Kevin Townsend / 2d
Guardrail specialist releases new products to aid the development and use of secure gen-AI apps. The post appeared first on SecurityWeek .
MirrorTab Raises $8.5M Seed Round to Take on Browser-Based Attacks
by Ryan Naraine / 2d
San Francisco startup secures $8.5 million in seed funding led by Valley Capital Partners to tackle browser-based malware attacks. The post appeared first on SecurityWeek .
Finastra Starts Notifying People Impacted by Recent Data Breach
Exfiltration (Enterprise TA0010)
•
by Ionut Arghire / 3d
•
Finastra reports October data breach
Financial software firm Finastra is notifying individuals whose personal information was stolen in a recent data breach. The post appeared first on SecurityWeek .
Critical Vulnerability Patched in Juniper Session Smart Router
2 TTPs
•
by Eduard Kovacs / 3d
A critical vulnerability tracked as CVE-2025-21589 has been patched in Juniper Networks’ Session Smart Router. The post appeared first on SecurityWeek .
Singulr Launches With $10M in Funding for AI Security and Governance Platform
by Eduard Kovacs / 3d
Singulr AI announced its launch with $10 million in seed funding raised for an enterprise AI security and governance platform. The post appeared first on SecurityWeek .
Golang Backdoor Abuses Telegram for C&C Communication
10 TTPs
•
by Ionut Arghire / 3d
•
New Go malware uses Telegram C2
A newly discovered Golang backdoor is abusing Telegram for communication with its command-and-control (C&C) server. The post appeared first on SecurityWeek .
Microsoft Warns of Improved XCSSET macOS Malware
9 TTPs
•
by Ionut Arghire / 3d
•
XCSSET malware targets macOS developers
Microsoft has observed a new variant of the XCSSET malware being used in limited attacks against macOS users. The post appeared first on SecurityWeek .
Palo Alto Networks Confirms Exploitation of Firewall Vulnerability
3 TTPs
•
by Eduard Kovacs / 3d
•
CVE-2025-0108
Palo Alto Networks has confirmed that a recently patched firewall vulnerability tracked as CVE-2025-0108 is being actively exploited. The post appeared first on SecurityWeek .
Ex-NSO Group CEO’s Security Firm Dream Raises $100M at $1.1B Valuation
Dream Security raises 100M$ valuation 1.1B$
•
by Ionut Arghire / 3d
Israeli cybersecurity startup Dream has raised $100 million in Series B funding and is now valued at $1.1 billion. The post appeared first on SecurityWeek .

Comments