Application Security
Ride-hailing giant Uber is moving quickly to downplay the impact from a devastating security breach that included the theft of employee credentials, access to...
Hi, what are you looking for?
SecurityWeek
Malware & Threats
The large-scale credential theft campaign hit roughly half of the internet-accessible Fortinet firewalls and VPNs.
Network Security
Insufficient validation of user input allows an attacker to gain access to the underlying OS and elevate their privileges to root.
Network Security
Cisco recently became aware of the exploitation of CVE-2026-20262, a Catalyst SD-WAN Manager zero-day that allows arbitrary file write.
Network Security
Fortinet rolled out hotfixes for the security defect in April, warning that it had been exploited in the wild as a zero-day and urging...
Application Security
Security Operations Center (SOC) infrastructure start-up Cyrebro this week announced that it has banked $40 million in Series C funding, bringing the total raised...
Network Security
Multiple Netgear router models are vulnerable to arbitrary code execution via FunJSQ, a third-party module for online game acceleration, European security and compliance assessment...
Mobile & Wireless
The Cybersecurity and Infrastructure Security Agency (CISA) and the National Security Agency (NSA) have published guidance on implementing an Open Radio Access Network (RAN)...
Application Security
The non-profit Rust Foundation has scored funding to build a dedicated security team to proactively identify and address security defects in the popular Rust...
Application Security
Silicon Valley late-stage startup Fortanix has banked $90 million in new capital to boost its place in the confidential computing and data protection marketplace.
Cloud Security
Dope.security this week emerged from stealth mode with a $4 million investment from Boldstart Ventures and a new approach to secure web gateways.Placed between...
Application Security
Just four months after emerging from stealth with $11 million in seed funding, Dig Security has banked an additional $34 million in venture capital...
Application Security
Microsoft on Tuesday warned that its security teams have detected zero-day exploitation of a critical vulnerability in its flagship Windows platform.
Application Security
Software maker Adobe has rolled out security fixes for at least 63 security vulnerabilities in a wide range of widely deployed Windows and macOS...
Application Security
Israeli startup Opus Security has banked $10 million in seed round funding to build technology for cloud security orchestration and remediation.Opus Security said the...
Application Security
Apple’s security response engine revved into high gear Monday with patches for security defects in a wide range of products, including fixes for a...
Application Security
Microsoft has published an analysis of the ransomware attacks associated with a subgroup of the Iran-linked advanced persistent threat (APT) actor Phosphorus.
Application Security
Multiple Iranian hacking groups participated in a recent cyberattack targeting the Albanian government, according to new data from Microsoft's security research and response teams.
Application Security
Three U.S. government agencies -- Cybersecurity and Information Security Agency (CISA), the National Security Agency (NSA) and the Office of the Director of National...
Application Security
Managed detection and response (MDR) platform provider Huntress on Thursday announced the closing of a $40 million debt financing round to speed up global...
Application Security
Security researchers at Rapid7 are warning about multiple secuirty vulnerabilities impacting Baxter’s Sigma Spectrum infusion pumps, including issues that could lead to the leakage...
Application Security
Forty-one cybersecurity-related M&A deals were announced in August 2022.
Application Security
Networking solutions provider Zyxel has released patches for a critical-severity vulnerability impacting the firmware of multiple network attached storage (NAS) device models.
Application Security
Atlassian’s security response team has issued an urgent advisory to warn of a critical command injection flaw in its Bitbucket Server and Data Center...
Today’s attackers are no longer breaking in — they’re logging in. Join this live webinar as we break down the modern identity attack chain and examine how recent breaches exploited weaknesses in authentication, identity verification, and access management processes.
RegisterAI has accelerated both sides of the fight. Adversaries are weaponizing vulnerabilities faster, while defenders are racing to ship detections and configurations. Join this live webinar as we explore how to prove your controls actually hold against new threats, map your security maturity, and unite breach simulation with automated pentesting into a single, coordinated program.
RegisterExpert Insights
Four decades of incident response experience suggest that exploits are often the symptom, not the root cause, of today’s cybersecurity failures.
(Tod Beardsley)
Security teams need more than visibility into AI applications, they need a repeatable framework for monitoring, investigating, and defending them in production.
(Joshua Goldfarb)
AI-driven development is not something organizations can or should block. But it must be governed.
(Danelle Au)
AI can help attackers generate malware, create malicious payloads, bypass simple security checks, and convert vague malicious intent into functional code.
(Etay Maor)
CISOs are now facing machine-speed attacks and asking, “How do I agent?” The industry must provide remediation at scale.
(Nadir Izrael)