Cloud Security
Microsoft’s aggressive push to ferret out security problems in the firmware powering IoT devices took on new urgency this week with the acquisition of...
Hi, what are you looking for?
SecurityWeek
Mobile & Wireless
A simple development setting bypassed protections designed to prevent unauthorized Android apps from accessing Microsoft account tokens, exposing billions of installations.
Mobile & Wireless
Google says the Android vulnerability CVE-2025-48595 has been exploited in limited, targeted attacks.
Malware & Threats
Delivered via phishing lures, the malware combines financial theft with data exfiltration and remote access.
Mobile & Wireless
The tech giant has also ported the patch for a recent deleted chats recovery issue to older versions of iOS.
ICS/OT
Researchers working for a French government agency have identified seven new Bluetooth vulnerabilities that could expose many devices to impersonation and other types of...
Data Protection
Researchers at cybersecurity firm Check Point discovered that many Android applications publicly expose sensitive user data through misconfigured third-party services.
Malware & Threats
Google has updated its May 2021 Android security bulletin to alert users that four vulnerabilities appear to have been exploited in attacks.
Application Security
Cloud-native authorization provider Styra on Tuesday announced that it closed a $40 million Series B funding round. To date, the company has raised more...
Application Security
Following an eight-month audit of the code in the latest infotainment system in Mercedes-Benz cars, security researchers with Tencent Security Keen Lab identified five vulnerabilities,...
Endpoint Security
Apple this week updated its Platform Security Guide to provide more details on a couple of recently announced authentication features.
Funding/M&A
Acquisition will extend Jamf’s Zero Trust Network Access, threat defense and data policy enforcement for Apple devices
IoT Security
A researcher this week disclosed the details of a dozen design and implementation flaws that could affect all devices with Wi-Fi capabilities, exposing their...
Application Security
Cycode, an Israeli startup focused on securing DevOps tools, today announced that it has raised $20 million in Series A funding, which brings the...
Cybercrime
Documents submitted in a court case involving Apple revealed that the XcodeGhost malware discovered in 2015 impacted 128 million iOS users.
Cloud Security
Google has released a new open-source tool called cosign to make it easier to manage the process of signing and verifying container images.
Application Security
The massive blast radius from the Codecov supply chain attack remains shrouded in mystery as security teams continue to assess the fallout from the...
Data Protection
Google this week announced that it is introducing a new policy for the Google Play app store, requiring all developers to provide information on...
Mobile & Wireless
Billions of Android devices are exposed to a vulnerability in Qualcomm’s Mobile Station Modem (MSM) chipA vulnerability in Qualcomm’s Mobile Station Modem (MSM) chip–...
Application Security
The United States Department of Defense this week announced an expansion of the scope of its vulnerability disclosure program to include all of its...
Mobile & Wireless
The Android operating system updates released by Google for May 2021 patch a total of 42 vulnerabilities, including four considered critical severity.
Cloud Security
Apple’s problems with zero-day attacks continued this week with news of another mysterious in-the-wild compromise affecting iPhones, iPads and macOS devices.
Application Security
Embattled VPN technology vendor Pulse Secure on Monday updated an “out-of-cycle” advisory with patches for four major security vulnerabilities, including belated cover for an...
Organizations are investing heavily in third-party risk management, but breaches, delays, and blind spots continue to persist. Join this live webinar as we examine the gap between how organizations think their third-party risk programs are performing and what’s actually happening in practice.
RegisterExplore how attackers are using AI to scale threats and how security teams can respond with AI-driven defenses. Protecting against unmonitored use of generative AI (Shadow AI) in business units and building and enforcing AI governance frameworks.
RegisterExpert Insights
AI-driven development is not something organizations can or should block. But it must be governed.
(Danelle Au)
AI can help attackers generate malware, create malicious payloads, bypass simple security checks, and convert vague malicious intent into functional code.
(Etay Maor)
CISOs are now facing machine-speed attacks and asking, “How do I agent?” The industry must provide remediation at scale.
(Nadir Izrael)
As enterprises rush AI projects into production, security teams are increasingly being forced into reactive mode.
(Joshua Goldfarb)
The organizations best prepared to face disruption are those that align security, continuity and risk management around what the business cannot afford to lose.
(Steve Durbin)