Ransomware Groups Adopting EDR Killer Tools

9-Year-Old NPM Crypto Package Hijacked

Friday, March 28, 2025 Worm, Fraud, Ghost... Oh My: A Deep Dive into Malicious GPTs (Sponsored by Abnormal) CYBERSECURITY NEWS HEADLINES Critical Condition: Legacy Medical Devices Remain Easy Targets for Ransomware 9-Year-Old NPM Crypto Package Hijacked In Other News: Hellcat Hackers Unmasked, CrushFTP Bug Controversy, NYU Hacked New Issuance Requirements Improve HTTPS Certificate Validation Morphing Meerkat Phishing Kits Target Over 100 Brands Fresh Grandoreiro Banking Trojan Campaigns Target Latin America, Europe Firefox Affected by Flaw Similar to Chrome Zero-Day Exploited in Russia Splunk Patches Dozens of Vulnerabilities Registration is Open for 2025 ICS Cybersecurity Conference! Worm, Fraud, Ghost... Oh My: A Deep Dive into Malicious GPTs Join us for part one of our 3-part webinar series to explore how malicious GPTs empower cybercriminals to launch scalable attacks—fast and without safeguards. Learn what to expect and how to stay ahead. See the Agenda SecurityWeek Expert Insights Through the Lens of Music: What Cybersecurity Can Learn From Joni Mitchell - A Joni Mitchell song from the 1960s can teach us a lot about securing hybrid and multi-cloud environments. (Joshua Goldfarb) March Madness Requires Vigilance on Both an Individual and Corporate Level - Defending high profile sporting events from adversarial attacks requires a mix of experienced capabilities and a solid threat intelligence program. (Marc Solomon) RSA Conference Playbook: Smart Strategies from Seasoned Attendees - Your guide on how to get through the conference with your sanity, energy, and key performance indicators (KPIs) intact. (Jennifer Leggio) Security Maturity Models: Leveraging Executive Risk Appetite for Your Secure Development Evolution - Organizations can align their processes with one of two global industry standards for self-assessment and security maturity—BSIMM and OWASP SAMM. (Matias Madou) If you missed it this week... Ransomware Groups Increasingly Adopting EDR Killer Tools OpenAI Offering $100K Bounties for Critical Vulnerabilities More Solar System Vulnerabilities Expose Power Grids to Hacking  AI Security Firm Straiker Emerges From Stealth With $21M in Funding T-Mobile Coughed Up $33 Million in SIM Swap Lawsuit Splunk Patches Dozens of Vulnerabilities The Importance of Allyship for Women in Cyber Russian Espionage Group Using Ransomware in Attacks UK Software Firm Fined £3 Million Over Ransomware-Caused Data Breach  The Importance of Allyship for Women in Cyber GetReal Security Raises $17.5 Million to Tackle Gen-AI Threats Defense Contractor MORSE to Pay $4.6M to Settle Cybersecurity Failure Allegations Google Patches Chrome Sandbox Escape Zero-Day Caught by Kaspersky Russian Ransomware Gang Exploited Windows Zero-Day Before Patch macOS Users Warned of New Versions of ReaderUpdate Malware Security Firms Say Evidence Seems to Confirm Oracle Cloud Hack AMTSO Releases Sandbox Evaluation Framework Critical Next.js Vulnerability in Hacker Crosshairs Island Banks $250M Series E for Enterprise Browser New Ransomware Group Claims Attack on US Telecom Firm WideOpenWest SplxAI Raises $7 Million for AI Security Platform Vulnerabilities Allow Remote Hacking of Inaba Plant Monitoring Cameras IngressNightmare Flaws Expose Kubernetes Clusters to Remote Hacking Webinar on Demand: Which Security Testing Approach is Right for You? Microsoft Adds AI Agents to Security Copilot Chinese APT Weaver Ant Targeting Telecom Providers in Asia Ransomware Shifts Tactics as Payouts Drop: Critical Infrastructure in the Crosshairs Vulnerability Exploitation Possibly Behind Widespread DrayTek Router Reboots Hacker Conversations: Frank Trezza – From Phreaker to Pentester VMware Patches Authentication Bypass Flaw in Windows Tools Suite Charm Security Emerges From Stealth With $8 Million in Funding Numotion Data Breach Impacts Nearly 500,000 People 300 Arrested in Crackdown on Cybercrime Rings in Africa FCC Suspects Banned Chinese Telecom Providers Still Active in US NIST Still Struggling to Clear Vulnerability Submissions Backlog in NVD Medusa Ransomware Uses Malicious Driver to Disable Security Tools Oracle Denies Cloud Breach After Hacker Offers to Sell Data  Russian Firm Offers $4 Million for Telegram Exploits NetSfere Launches Quantum-Resilient Messaging Platform View SecurityWeek's 2025 Virtual Event Lineup RSS Feed | LinkedIn | Webcasts | Virtual Events © 2025 Wired Business Media

SecurityWeek | 470 Atlantic Ave 4th Floor | Boston, MA 02210 US Unsubscribe | Update Profile | Our Privacy Policy | Constant Contact Data Notice