Security firms say the flaw has been actively exploited for weeks, even as Fortinet quietly shipped fixes and CISA added the bug to its KEV catalog.
The CISO Forum Virtual Summit brought together CISOs, researchers, and innovators to share practical insights and strategies.
A state-sponsored threat actor manipulated Claude Code to execute cyberattacks on roughly 30 organizations worldwide.
Behavioral detection allows defenders to recognize activity patterns like privilege escalation, credential theft, and lateral movement—often ahead of encryption or data exfiltration.
When leaders redefine power as trust instead of control, teams unlock their potential — and organizations find their edge.
Agentic AI speeds operations, but requires clear goals, least privilege, auditability, red‑teaming, and human oversight to manage opacity, misalignment, and misuse.
To deploy AI tools securely and ethically, teams must balance innovation with accountability—establishing strong governance, upskilling developers, and enforcing rigorous code reviews.
If you are recruiting for a Field CISO, Field CTO, etc., or are looking to leverage a resource at your company in one of these roles, what are some things you should be aware of?
Designed for senior level cybersecurity leaders to discuss, share and learn innovative cybersecurity and risk management strategies.
RegisterThis session will explore the critical steps industrial organizations must take to effectively protect operations, achieve compliance, and ensure both operational continuity and long-term growth.
RegisterJoin to learn why legacy defenses fail against modern API attacks as well as the strategies organizations need to stay ahead of today’s evolving threats.
Register
SecurityWeek’s 2025 CISO Forum Virtual Summit Designed for senior level cybersecurity leaders to discuss, share and learn innovative cybersecurity and risk management strategies.
[NOW ON-DEMAND – Virtual]
SecurityWeek’s Cyber AI & Automation Summit pushes the boundaries of security discussions by exploring the implications and applications of predictive AI, machine learning, and automation in modern cybersecurity programs.
[December 10, 2025 | Virtual]
SecurityWeek’s CISO Forum 2026 Outlook Series is a two-part webinar series to evaluate the year’s most pressing challenges and share critical updates shaping the 2026 security landscape.
[January 14 & 21, 2025 | Virtual]
SecurityWeek’s Cloud and Data Security Summit returns with a deliberate focus on exposed attack surfaces and weaknesses in public cloud infrastructure and APIs. [July 16, 2025 – Virtual]
-
Security firms say the flaw has been actively exploited for weeks, even as Fortinet quietly shipped fixes and CISA added the bug to its… (November 14, 2025)
-
Other noteworthy stories that might have slipped under the radar: EchoGram attack undermines AI guardrails, Asahi brewer still crippled after ransomware attack, Sora 2… (November 14, 2025)
-
A vulnerability in ImunifyAV can be exploited for arbitrary code execution by uploading a malicious file to shared servers. (November 14, 2025)
-
Tracked as CVE-2025-9242 (CVSS score of 9.3), the flaw leads to unauthenticated, remote code execution on vulnerable firewalls. (November 13, 2025)
-
Hackers drained more cryptocurrency from Balancer by exploiting a rounding function and performing batch swaps. (November 6, 2025)
-
Get practical strategies to help minimize your risk exposure, including the need for identity threat detection and mitigation. (November 5, 2025)
-
The United States has imposed sanctions on a group of bankers, financial institutions and others accused of laundering money from cyber crime schemes. (November 5, 2025)
-
Yuriy Igorevich Rybtsov, aka MrICQ, was arrested in Italy and lost his appeal to avoid extradition to the US. (November 3, 2025)
