Application Security
Software giant Microsoft has open-sourced its internal tool for generating SBOMs (software bill of materials) as part of a move to help organizations be...
Hi, what are you looking for?
SecurityWeek
Cybersecurity Funding
The company has developed a platform that uses specialized AI agents to inspect every incoming message.
Email Security
Microsoft has shared mitigations for CVE-2026-42897 until a permanent patch can be released for affected Exchange Server versions.
Email Security
CVE-2026-40361 is similar to a vulnerability found a decade ago, BadWinmail, which at the time was dubbed an “enterprise killer”.
Email Security
The threat actor infected victims with the Snow malware family – Snowbelt, Snowglaze, and Snowbasin – for persistent access.
Application Security
Microsoft has issued an urgent Patch Tuesday bulletin to warn of in-the-wild zero-day exploitation of a privilege escalation flaw in the Windows operating system.
Application Security
Software maker Adobe has rolled out a major security update for its flagship Acrobat and Reader products to fix at least 22 documented vulnerabilities,...
Application Security
Cybersecurity firm Emsisoft has released free decryptor tools for AstraLocker, a "smash-and-grab" ransomware family that was recently retired.
Application Security
OpenSSL has issued an urgent advisory to warn of a memory corruption vulnerability that exposes servers to remote code execution attacks.The vulnerability, tracked as...
Application Security
Security researchers at ReversingLabs are warning of a “significant escalation in software supply chain attacks” after discovering more than two dozen malicious NPM packages...
Application Security
The United States Department of Defense (DoD) has launched a one-week bug bounty program to reward researchers who find high- and critical-severity vulnerabilities in...
Application Security
Security automation startup Swimlane on Wednesday announced it has raised $70 million in a Series C funding round that brings the total investment in...
Application Security
A new variant of the Hive ransomware written using the Rust programming language is more evasive and provides attackers with flexibility, courtesy of support...
Application Security
Chicago-based Infrastructure-as-Code (IaC) startup oak9 has attracted new interest from venture capitalists with Cisco Investments and Morgan Stanley’s Next Level Fund joining a new...
Application Security
The infamous North Korean Lazarus hacking group is the prime suspect in the $100 million hack of Harmony’s Horizon Bridge, according to new data...
Application Security
Bay Area startup Normalyze on Monday announced a $22 million in Series A funding as venture capital investors rush to place bets on the...
Application Security
Cyolo, an Israeli startup building technology for zero trust networking, on Monday announced a new $60 million investment led by the venture investing arm...
Application Security
Security researchers at CrowdStrike have stumbled upon ransomware actors deploying zero-day exploits against Mitel VOIP appliances sitting on the network perimeter.
Application Security
Cryptographers at Swiss university ETH Zurich have found at least five exploitable security flaws in the privacy-themed MEGA cloud storage service and warned that...
Application Security
Cloud security startup Aqua Security has partnered with the Center for Internet Security (CIS) to create guidelines for software supply chain security and followed...
Application Security
RevealSecurity, an Israeli data security startup building technology to thwart malicious insider threats, on Tuesday announced the closing of a $23 million funding round...
Cybercrime
The German Green party, which is part of the country’s governing coalition, says its IT system was hit by a cyberattack last month that...
Application Security
Researchers at F5 Labs have nabbed a new Android malware family capable of exfiltrating financial and personal information after taking control of infected devices.
Application Security
Big-game malware hunters at Volexity are shining the spotlight on a sophisticated Chinese APT caught recently exploiting a Sophos firewall zero-day to plant backdoors...
Organizations are investing heavily in third-party risk management, but breaches, delays, and blind spots continue to persist. Join this live webinar as we examine the gap between how organizations think their third-party risk programs are performing and what’s actually happening in practice.
RegisterExplore how attackers are using AI to scale threats and how security teams can respond with AI-driven defenses. Protecting against unmonitored use of generative AI (Shadow AI) in business units and building and enforcing AI governance frameworks.
RegisterExpert Insights
AI-driven development is not something organizations can or should block. But it must be governed.
(Danelle Au)
AI can help attackers generate malware, create malicious payloads, bypass simple security checks, and convert vague malicious intent into functional code.
(Etay Maor)
CISOs are now facing machine-speed attacks and asking, “How do I agent?” The industry must provide remediation at scale.
(Nadir Izrael)
As enterprises rush AI projects into production, security teams are increasingly being forced into reactive mode.
(Joshua Goldfarb)
The organizations best prepared to face disruption are those that align security, continuity and risk management around what the business cannot afford to lose.
(Steve Durbin)