Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

Latest Cybersecurity News

Other noteworthy stories that might have slipped under the radar: rogue ransomware negotiators charged, F5 hack prompts OT security guidance, Germany targets Huawei tech.

Threat actors exploited CVE-2025-21042 to deliver malware via specially crafted images to users in the Middle East. 

When leaders redefine power as trust instead of control, teams unlock their potential — and organizations find their edge.

The vulnerability is tracked as CVE-2025-12058 and it can be exploited for arbitrary file loading and conducting SSRF attacks.

ClickFix prompts typically contain instructions for Windows users, but now they are tailored for macOS and they are getting increasingly convincing.

Google’s acquisition of Wiz is expected to close in 2026, but there are other reviews that need to be cleared.

The Congressional Budget Office confirmed it had been hacked, potentially disclosing important government data to malicious actors.

An out-of-bounds write flaw in WebGPU tracked as CVE-2025-12725 could be exploited for remote code execution.

Multiple state-sponsored Russian groups are targeting Ukrainian entities and European countries linked to Ukraine.

Between 2016 and 2021, the suspects defrauded 4.3 million cardholders in 193 countries of €300 million (~$346 million).

Tenable researchers discovered seven vulnerabilities, including ones affecting the latest GPT model.

The investment will fuel the development of Truffle’s enterprise-grade secrets detection, verification, and remediation platform.

Landfall spyware exploited CVE-2025-21042 Landfall spyware exploited CVE-2025-21042

Threat actors exploited CVE-2025-21042 to deliver malware via specially crafted images to users in the Middle East. 

macOS malware macOS malware

ClickFix prompts typically contain instructions for Windows users, but now they are tailored for macOS and they are getting increasingly convincing.

Google acquires Wiz Google acquires Wiz

Google’s acquisition of Wiz is expected to close in 2026, but there are other reviews that need to be cleared.

Top Cybersecurity Headlines

Tenable researchers discovered seven vulnerabilities, including ones affecting the latest GPT model.

The threat actor stole the firewall configuration files of all SonicWall customers who used the cloud backup service.

Google has released a report describing the novel ways in which malware has been using AI to adapt and evade detection.

SecurityWeek Industry Experts

More Expert Insights

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Designed for senior level cybersecurity leaders to discuss, share and learn innovative cybersecurity and risk management strategies.

Register

This session will explore the critical steps industrial organizations must take to effectively protect operations, achieve compliance, and ensure both operational continuity and long-term growth.

Register

Join to learn why legacy defenses fail against modern API attacks as well as the strategies organizations need to stay ahead of today’s evolving threats.

Register

Upcoming Cybersecurity Events

The Industrial Control Systems (ICS) Cybersecurity Conference is the largest and longest-running event series focused on industrial cybersecurity.
[October 27-30, 2025 | Atlanta]

Learn More

SecurityWeek’s 2025 CISO Forum Virtual Summit Designed for senior level cybersecurity leaders to discuss, share and learn innovative cybersecurity and risk management strategies.
[November 12, 2025 – Virtual]

Read More

SecurityWeek’s Cyber AI & Automation Summit pushes the boundaries of security discussions by exploring the implications and applications of predictive AI, machine learning, and automation in modern cybersecurity programs.
[December 10, 2025 | Virtual]

Read More

SecurityWeek’s Cloud and Data Security Summit returns with a deliberate focus on exposed attack surfaces and weaknesses in public cloud infrastructure and APIs. [July 16, 2025 – Virtual]

Learn More

Vulnerabilities

Cybercrime

Event image poster

The leading global conference series for Operations, Control Systems and IT/OT Security professionals to connect on SCADA, DCS PLC and field controller cybersecurity.

Learn More

Application Security

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest cybersecurity news, threats, and expert insights. Unsubscribe at any time.