Audits
Multiple large organizations were found to be impacted by an authentication bypass in Adobe Experience Manager CRX Package Manager, according to a warning from...
Hi, what are you looking for?
SecurityWeek
Mobile & Wireless
A simple development setting bypassed protections designed to prevent unauthorized Android apps from accessing Microsoft account tokens, exposing billions of installations.
Mobile & Wireless
Google says the Android vulnerability CVE-2025-48595 has been exploited in limited, targeted attacks.
Malware & Threats
Delivered via phishing lures, the malware combines financial theft with data exfiltration and remote access.
Mobile & Wireless
The tech giant has also ported the patch for a recent deleted chats recovery issue to older versions of iOS.
Application Security
Microsoft is investigating an incident where a threat actor submitted malicious drivers for certification through the Windows Hardware Compatibility Program.Built by a third-party, the...
Application Security
Jeremiah Grossman's Bit Discovery has banked another $4 million in venture capital funding to compete in the crowded attack surface management space.
Application Security
Amazon’s AWS subsidiary on Friday announced the acquisition of Wickr, a late-stage startup that sells end-to-end encrypted communications tools. Financial terms of the transaction...
Application Security
Networking device manufacturer Zyxel has issued an alert to warn customers of attacks targeting a subset of security appliances that have remote management or...
Application Security
The U.S. government’s National Security Agency (NSA) on Tuesday announced plans to fund the development of a knowledge base of defensive countermeasures for the...
Application Security
Multiple vulnerabilities recently patched in Zephyr's Bluetooth LE stack could be exploited to cause denial of service conditions, prevent further connections, or even leak...
Endpoint Security
A group of academic researchers has created a tool that can be used to clone Android malware and test the resilience of these new...
Application Security
Google wants to bring “salsa” to drive enforcement at the software supply chain security party.
Application Security
Threat hunters at Kaspersky are sounding a warning for an Iranian APT actor that has been silently conducting domestic cyber-surveillance operations for the last...
Cloud Security
Google has finally enabled end-to-end encryption (E2EE) for the Messages app in Android but the privacy-enhancing tool remains somewhat limited.Google announced end-to-end encryption is...
Application Security
Identity management provider Elisity on Tuesday announced that it secured $26 million in Series A funding, bringing the total raised by the company to...
Application Security
Following a major software supply chain compromise that exposed data for several major companies, developer tools startup CodeCov plans to kill off the Bash...
Mobile & Wireless
Seeking to protect its image as a guardian of personal privacy, Apple maintains it was blindsided and handcuffed by a Trump administration probe that...
Application Security
Malicious hackers are exploiting an old VPN security flaw to compromise SonicWall SRA (secure remote access) devices, according to a warning from security vendor...
Application Security
Amazon this week activated its proprietary mesh network known as Sidewalk, linking tens of millions of Amazon smart devices, each sharing a tiny sliver...
Mobile & Wireless
Google this week announced the availability of the latest monthly security patches for the Android operating system, which address more than 50 vulnerabilities, including...
Application Security
United States trucks and military vehicles maker Navistar International Corporation has confirmed a cyberattack that resulted in some data being stolen.
Cybersecurity Funding
Enterprise mobile security company Hypori this week announced it raised $20 million in a Series A funding round led by GreatPoint Ventures (GPV). To...
Organizations are investing heavily in third-party risk management, but breaches, delays, and blind spots continue to persist. Join this live webinar as we examine the gap between how organizations think their third-party risk programs are performing and what’s actually happening in practice.
RegisterExplore how attackers are using AI to scale threats and how security teams can respond with AI-driven defenses. Protecting against unmonitored use of generative AI (Shadow AI) in business units and building and enforcing AI governance frameworks.
RegisterExpert Insights
AI-driven development is not something organizations can or should block. But it must be governed.
(Danelle Au)
AI can help attackers generate malware, create malicious payloads, bypass simple security checks, and convert vague malicious intent into functional code.
(Etay Maor)
CISOs are now facing machine-speed attacks and asking, “How do I agent?” The industry must provide remediation at scale.
(Nadir Izrael)
As enterprises rush AI projects into production, security teams are increasingly being forced into reactive mode.
(Joshua Goldfarb)
The organizations best prepared to face disruption are those that align security, continuity and risk management around what the business cannot afford to lose.
(Steve Durbin)