Application Security
Messaging and collaboration software maker Zimbra has rushed out patches to provide cover for a code execution flaw that has already been exploited to...
Hi, what are you looking for?
SecurityWeek
Malware & Threats
The large-scale credential theft campaign hit roughly half of the internet-accessible Fortinet firewalls and VPNs.
Network Security
Insufficient validation of user input allows an attacker to gain access to the underlying OS and elevate their privileges to root.
Network Security
Cisco recently became aware of the exploitation of CVE-2026-20262, a Catalyst SD-WAN Manager zero-day that allows arbitrary file write.
Network Security
Fortinet rolled out hotfixes for the security defect in April, warning that it had been exploited in the wild as a zero-day and urging...
Application Security
Video messaging technology powerhouse Zoom has rolled out a high-priority patch for macOS users alongside a warning that hackers could abuse the software flaw...
Network Security
Palo Alto Networks and Aruba Networks have each announced patches for severe vulnerabilities affecting their products.
Incident Response
“Wisdom consists of the anticipation of consequences.” - Norman Cousins
Application Security
Software maker Adobe on Tuesday released security patches for 29 documented vulnerabilities across multiple enterprise-facing products and warned that hackers could exploit these bugs...
Application Security
It’s officially a venture capital funding frenzy in the software supply chain security space.
Cybersecurity Funding
Quantum-secure networking devices maker Qunnect this week announced raising $8 million in a Series A funding round that brings the total investment in the...
Application Security
A San Francisco jury on Wednesday found former Uber security chief Joe Sullivan guilty of covering up a 2016 data breach and concealing information...
Application Security
Private equity giant KKR is expanding its big bet on penetration testing and attack surface management firm NetSPI with a new $410 million investment...
Audits
The Cybersecurity and Infrastructure Security Agency (CISA) this week published Binding Operational Directive 23-01 (BOD 23-01), which requires federal agencies to take the necessary...
Application Security
Application Security
Israeli startup LayerX has joined the list of companies scoring investor interest in the tricky enterprise browser market.LayerX, based in Tel Aviv, came out...
Application Security
Threat hunters at Microsoft have intercepted a notorious North Korean government hacking group lacing legitimate open source software with custom malware capable of data...
Application Security
The funding frenzy in the software supply chain space now includes Ox Security, an early-stage Israeli startup that just raised a whopping $34 million...
Network Security
Cisco this week has confirmed that tens of its enterprise routers and switches are impacted by bypass vulnerabilities in the Layer-2 (L2) network security...
Application Security
Cybersecurity sleuths at SentinelLabs are calling on the wider threat hunting community to help decipher a new mysterious malware campaign hitting telcos, ISPs and...
Application Security
The Ukrainian government says it is bracing to deal with “massive cyberattacks” from Russian hackers against critical infrastructure targets in the energy sector.
Application Security
Endpoint detection and response pioneer CrowdStrike is elbowing its way into new security markets with a planned acquisition of attack surface management startup Reposify...
Cybersecurity Funding
Operant Networks has emerged from stealth mode with $3.8 million in seed funding and a secure access service edge (SASE) solution focused on operational...
Today’s attackers are no longer breaking in — they’re logging in. Join this live webinar as we break down the modern identity attack chain and examine how recent breaches exploited weaknesses in authentication, identity verification, and access management processes.
RegisterAI has accelerated both sides of the fight. Adversaries are weaponizing vulnerabilities faster, while defenders are racing to ship detections and configurations. Join this live webinar as we explore how to prove your controls actually hold against new threats, map your security maturity, and unite breach simulation with automated pentesting into a single, coordinated program.
RegisterExpert Insights
Four decades of incident response experience suggest that exploits are often the symptom, not the root cause, of today’s cybersecurity failures.
(Tod Beardsley)
Security teams need more than visibility into AI applications, they need a repeatable framework for monitoring, investigating, and defending them in production.
(Joshua Goldfarb)
AI-driven development is not something organizations can or should block. But it must be governed.
(Danelle Au)
AI can help attackers generate malware, create malicious payloads, bypass simple security checks, and convert vague malicious intent into functional code.
(Etay Maor)
CISOs are now facing machine-speed attacks and asking, “How do I agent?” The industry must provide remediation at scale.
(Nadir Izrael)