Search the Portal

Hackers Access SonicWall Cloud Firewall Backups, Spark Urgent Security Checks

SonicWall on Wednesday disclosed that an unauthorized party accessed firewall configuration backup files for all customers who have used the cloud backup service. "The files contain encrypted credentials and configuration data; while encryption remains in place, possession of these files could increase the risk of targeted attacks," the company said. It also noted that it's working to notify all

The Hacker News by info@thehackernews.com (The Hacker News)

ThreatsDay Bulletin: MS Teams Hack, MFA Hijacking, $2B Crypto Heist, Apple Siri Probe & More

Cyber threats are evolving faster than ever. Attackers now combine social engineering, AI-driven manipulation, and cloud exploitation to breach targets once considered secure. From communication platforms to connected devices, every system that enhances convenience also expands the attack surface. This edition of ThreatsDay Bulletin explores these converging risks and the safeguards that help

The Hacker News by info@thehackernews.com (The Hacker News)

Realm.Security Raises $15 Million in Series A Funding

The cybersecurity startup will use the investment to accelerate its product development and market expansion efforts. The post Realm.Security Raises $15 Million in Series A Funding appeared first on SecurityWeek.

SaaS Breaches Start with Tokens - What Security Teams Must Watch

Token theft is a leading cause of SaaS breaches. Discover why OAuth and API tokens are often overlooked and how security teams can strengthen token hygiene to prevent attacks. Most companies in 2025 rely on a whole range of software-as-a-service (SaaS) applications to run their operations. However, the security of these applications depends on small pieces of data called tokens. Tokens, like

The Hacker News by info@thehackernews.com (The Hacker News)

GitHub Copilot Chat Flaw Leaked Data From Private Repositories

Hidden comments allowed full control over Copilot responses and leaked sensitive information and source code. The post GitHub Copilot Chat Flaw Leaked Data From Private Repositories appeared first on SecurityWeek.

Chinese Hackers Breached Law Firm Williams & Connolly via Zero-Day

The company said there is no evidence that confidential client data was stolen from its systems. The post Chinese Hackers Breached Law Firm Williams & Connolly via Zero-Day appeared first on SecurityWeek.

Security Week by Eduard Kovacs

From Phishing to Malware: AI Becomes Russia's New Cyber Weapon in War on Ukraine

Russian hackers' adoption of artificial intelligence (AI) in cyber attacks against Ukraine has reached a new level in the first half of 2025 (H1 2025), the country's State Service for Special Communications and Information Protection (SSSCIP) said. "Hackers now employ it not only to generate phishing messages, but some of the malware samples we have analyzed show clear signs of being generated

The Hacker News by info@thehackernews.com (The Hacker News)

All SonicWall Cloud Backup Users Had Firewall Configurations Stolen

In early September, hackers stole the firewall configuration backup files stored using the MySonicWall service. The post All SonicWall Cloud Backup Users Had Firewall Configurations Stolen appeared first on SecurityWeek.

Discord Says 70,000 Users Had IDs Exposed in Recent Data Breach

The hackers claim the theft of over 2 million photos of government identification documents provided to Discord for age verification. The post Discord Says 70,000 Users Had IDs Exposed in Recent Data Breach appeared first on SecurityWeek.

Critical Exploit Lets Hackers Bypass Authentication in WordPress Service Finder Theme

Threat actors are actively exploiting a critical security flaw impacting the Service Finder WordPress theme that makes it possible to gain unauthorized access to any account, including administrators, and take control of susceptible sites. The authentication bypass vulnerability, tracked as CVE-2025-5947 (CVSS score: 9.8), affects the Service Finder Bookings, a WordPress plugin bundled with the

The Hacker News by info@thehackernews.com (The Hacker News)

Hackers Exploit WordPress Sites to Power Next-Gen ClickFix Phishing Attacks

Cybersecurity researchers are calling attention to a nefarious campaign targeting WordPress sites to make malicious JavaScript injections that are designed to redirect users to sketchy sites. "Site visitors get injected content that was drive-by malware like fake Cloudflare verification," Sucuri researcher Puja Srivastava said in an analysis published last week. The website security company

The Hacker News by info@thehackernews.com (The Hacker News)

AI Takes Center Stage at DataTribe’s Cyber Innovation Day

From defending AI agents to teaching robots to move safely, finalists at this year’s DataTribe Challenge are charting the next frontier in cybersecurity innovation. The post AI Takes Center Stage at DataTribe’s Cyber Innovation Day appeared first on SecurityWeek.

Security Week by Kevin Townsend

Will AI-SPM Become the Standard Security Layer for Safe AI Adoption?

How security posture management for AI can protect against model poisoning, excessive agency, jailbreaking and other LLM risks. The post Will AI-SPM Become the Standard Security Layer for Safe AI Adoption? appeared first on SecurityWeek.

Security Week by Etay Maor

Virtual Event Today: Zero Trust & Identity Strategies Summit

Join the virtual event we dive into the world of digital identity management and the role of zero-trust principles and associated technologies. The post Virtual Event Today: Zero Trust & Identity Strategies Summit appeared first on SecurityWeek.

Security Week by SecurityWeek News