More than 20 vulnerabilities were found and patched in Dormakaba physical access control systems.
10 years after disrupting the Ukrainian power grid, the APT targeted Poland with data-wiping malware.
The critical-severity vulnerability can be exploited via crafted network packets for remote code execution.
To all those who are fighting the good fight in the world of cyber, keep collaborating to ensure our world never succumbs to the chaos of the Upside Down.
By integrating identity threat detection with MFA, organizations can protect sensitive data, maintain operational continuity, and reduce risk exposure.
Security leaders chart course beyond predictions with focus on supply chain, governance, and team efficiency.
When software can think and act on its own, security strategies must shift from static policy enforcement to real-time behavioral governance.
Security advice fails when it comes from those who don’t bear the consequences and won’t be responsible for making it work.
Attendees will walk away with guidance for how to build AI agents identities, unify them under a consistent security model, and ensure AI development moves quickly without compromise.
RegisterSecurityWeek’s 2026 Ransomware Summit will discuss a roadmap for defending the enterprise, from mitigating root causes to mastering recovery, giving security teams the critical insights needed to navigate and neutralize today’s ransomware extortion threats.
Register
SecurityWeek’s CISO Forum 2026 Outlook Series is a two-part webinar series to evaluate the year’s most pressing challenges and share critical updates shaping the 2026 security landscape.
[January 14 & 21, 2026 | Virtual]
SecurityWeek’s 2026 Ransomware Summit is a must-attend event for cybersecurity professionals as ransomware attacks continue to hit big-name victims across industries with ruthless efficiency.
[February 25, 2026 | Virtual]
SecurityWeek’s 2026 Supply Chain Security Summit is where top security experts unpack the complexity of modern software supply chain threats and proven strategies to mitigate risk.
[March 18, 2026 | Virtual]
SecurityWeek’s 2026 Threat Detection & IR Summit brings together security practitioners from around the world to share war stories on breaches, APT attacks and more.
[May 20, 2026 | Virtual]
-
The flaws allow threat actors to obtain root privileges or bypass authentication via Telnet and gain shell access as root. (January 27, 2026)
-
The vulnerability is tracked as CVE-2026-21509 and it can be exploited to bypass security features. (January 27, 2026)
-
More than 20 vulnerabilities were found and patched in Dormakaba physical access control systems. (January 26, 2026)
-
The critical-severity vulnerability can be exploited via crafted network packets for remote code execution. (January 26, 2026)
-
The WorldLeaks cybercrime group claims to have stolen information from the footwear and apparel giant’s systems. (January 24, 2026)
-
Dozens of Venezuelan nationals have been charged by the US for their role in ATM jackpotting attacks. (January 23, 2026)
-
Threat actors may have wanted to take advantage of the holiday weekend in the United States to increase their chances of success. (January 21, 2026)
-
Operating as an access broker, the defendant sold unauthorized access to compromised networks to an undercover agent. (January 19, 2026)
