Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

Latest Cybersecurity News

OpenAI has raised its maximum bug bounty payout to $100,000 (up from $20,000) for high-impact flaws in its infrastructure and products.

Exploitation of Windows MMC zero-day is being pinned on a ransomware gang known as EncryptHub (an affiliate of RansomHub)

AMTSO has developed a Sandbox Evaluation Framework to standardize the testing of malware analysis solutions. 

The late-stage startup said the round was led Coatue Management and brings Island’s total external funding to approximately $730 million.

A new ransomware group called Arkana claims to have compromised the US telecommunications provider WideOpenWest.

SplxAI has raised $7 million in a seed funding round led by LAUNCHub Ventures to secure agentic AI systems.

Production line monitoring cameras made by Inaba can be hacked for surveillance and sabotage, but they remain unpatched.

macOS users are targeted with multiple versions of the ReaderUpdate malware written in Crystal, Nim, Rust, and Go programming languages.

Threat actors have started probing servers impacted by a critical-severity vulnerability in the web application development framework Next.js.

Despite Oracle categorically denying that its Cloud systems have been breached, sample data released by the hacker seems to prove otherwise.

The vulnerability, tracked as CVE-2025-2783, was chained with a second exploit for remote code execution in attacks targeting organizations in Russia.

People on the Move

SplxAI, a startup focused on securing AI agents, has announced new CISO Sandy Dunn.

Phillip Miller is joining tax preparation giant H&R Block as VP and CISO.

Linx Security has appointed Sarit Reiner Frumkes as Chief Technology Officer.

Tabitha Craig has been named the CISO of the Congressional Budget Office (CBO).

Life360 has appointed Vari Bindra, former Amazon cybersecurity lead, as Chief Information Security Officer.

More People On The Move
OpenAI bug bounty program expansion OpenAI bug bounty program expansion

OpenAI has raised its maximum bug bounty payout to $100,000 (up from $20,000) for high-impact flaws in its infrastructure and products.

Chrome Chrome

The vulnerability, tracked as CVE-2025-2783, was chained with a second exploit for remote code execution in attacks targeting organizations in Russia.

Frank Trezza, Hacker Frank Trezza, Hacker

Frank Trezza is fairly typical of most hackers. Early pranks sometimes leading to something more serious.

Top Cybersecurity Headlines

Critical remote code execution vulnerabilities found by Wiz researchers in Ingress NGINX Controller for Kubernetes.

The FCC is investigating whether Chinese firms such as Huawei, ZTE and China Telecom are still operating in the US.

More details have come to light on the recent supply chain attack targeting GitHub Actions, including its root cause.

SecurityWeek Industry Experts

More Expert Insights

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Join this event as we dive into threat hunting tools and frameworks, and explore value of threat intelligence data in the defender’s security stack.

Register

This webinar will guide you in aligning your security testing strategy with the right tools, helping you move beyond identifying weaknesses to effectively validating your overall security posture.

Register

Upcoming Cybersecurity Events

The AI Risk Summit brings together security and risk management executives, AI researchers, policy makers, software developers and influential business and government stakeholders. [August 19-20, 2025]

Learn More

SecurityWeek’s CISO Forum Summer Summit & Golf Classic will take place August 19-20 at the Ritz-Carlton, Half Moon Bay, CA

Learn More

This event delves into big-picture strategies to reduce attack surfaces, improve patch management, conduct post-incident forensics, and tools and tricks needed in a modern organization.

Learn More

Supply Chain Security Summit
Join us as we explore the critical nature of software and vendor supply chain security issues with a focus on understanding how attacks against identity infrastructure come with major cascading effects. (March 19, 2025)

Learn More

Vulnerabilities

Cybercrime

Event image poster

The leading global conference series for Operations, Control Systems and IT/OT Security professionals to connect on SCADA, DCS PLC and field controller cybersecurity.

Learn More

Application Security

Application Security

Google has integrated OSV-SCALIBR features into OSV-Scanner, its free vulnerability scanner for open source developers.

Cloud Security

Cloud Security

Despite Oracle categorically denying that its Cloud systems have been breached, sample data released by the hacker seems to prove otherwise.

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest cybersecurity news, threats, and expert insights. Unsubscribe at any time.