91% of organizations face vulnerability remediation delays
| April 30th, 2025
Vulnerability remediation delays are primarily caused by breakdowns in communication and team collaboration.
Source:: Security magazin
Archive for April, 2025
Many Mobile Apps Fail Basic Security—Posing Serious Risks to Enterprises
| April 16th, 2025Top-ranked mobile apps found using hardcoded keys and exposed cloud buckets.
The post Many Mobile Apps Fail Basic Security—Posing Serious Risks to Enterprises appeared first on SecurityWeek.
Source:: securityweek
Pillar Security Banks $9M for AI Security Guardrails
| April 16th, 2025By Ryan Naraine
Shield Capital leads a $9 million seed-stage funding round for Israeli startup building technologies for AI security and privacy guardrails.
The post Pillar Security Banks $9M for AI Security Guardrails appeared first on SecurityWeek.
Source:: securityweek
Ransomware Group Claims Hacking of Oregon Regulator After Data Breach Denial
| April 16th, 2025The Rhysida ransomware gang claims to have stolen 2.5 Tb of files from the Oregon Department of Environmental Quality.
The post Ransomware Group Claims Hacking of Oregon Regulator After Data Breach Denial appeared first on SecurityWeek.
Source:: securityweek
Security industry mourns the loss of Keith Oringer
| April 16th, 2025
Keith Oringer, Founder and President of Security ProAdvisors, passed away on April 11, 2025.
Source:: Security magazin
Enhanced Version of ‘BPFDoor’ Linux Backdoor Seen in the Wild
| April 16th, 2025In recent attacks, the state-sponsored backdoor BPFDoor is using a controller to open a reverse shell and move laterally.
The post Enhanced Version of ‘BPFDoor’ Linux Backdoor Seen in the Wild appeared first on SecurityWeek.
Source:: securityweek
Critical Vulnerability Found in Apache Roller Blog Server
| April 16th, 2025A critical vulnerability in Apache Roller could be used to maintain persistent access by reusing older sessions even after password changes.
The post Critical Vulnerability Found in Apache Roller Blog Server appeared first on SecurityWeek.
Source:: securityweek
Microsoft Warns of Node.js Abuse for Malware Delivery
| April 16th, 2025In the past months Microsoft has seen multiple campaigns involving Node.js to deliver malware and other malicious payloads.
The post Microsoft Warns of Node.js Abuse for Malware Delivery appeared first on SecurityWeek.
Source:: securityweek
Chrome 135, Firefox 137 Updates Patch Severe Vulnerabilities
| April 16th, 2025Chrome 135 and Firefox 137 updates have been rolled out with patches for critical- and high-severity vulnerabilities.
The post Chrome 135, Firefox 137 Updates Patch Severe Vulnerabilities appeared first on SecurityWeek.
Source:: securityweek
Oracle Patches 180 Vulnerabilities With April 2025 CPU
| April 16th, 2025Oracle’s April 2025 Critical Patch Update contains 378 security patches that resolve approximately 180 unique CVEs.
The post Oracle Patches 180 Vulnerabilities With April 2025 CPU appeared first on SecurityWeek.
Source:: securityweek