Application Security
The Federal Bureau of Investigation (FBI) has issued an alert on a new phishing scheme aimed at tricking victims into making money transfers to...
Hi, what are you looking for?
SecurityWeek
Malware & Threats
The large-scale credential theft campaign hit roughly half of the internet-accessible Fortinet firewalls and VPNs.
Network Security
Insufficient validation of user input allows an attacker to gain access to the underlying OS and elevate their privileges to root.
Network Security
Cisco recently became aware of the exploitation of CVE-2026-20262, a Catalyst SD-WAN Manager zero-day that allows arbitrary file write.
Network Security
Fortinet rolled out hotfixes for the security defect in April, warning that it had been exploited in the wild as a zero-day and urging...
Application Security
GitHub has sounded the alarm on a cyberattack that resulted in the private repositories of dozens of organizations being downloaded by an unauthorized party...
Application Security
Threat hunters at Symantec have spotted signs that North Korea’s Lazarus APT group is targeting companies in the chemical sector in an ongoing cyberespionage...
Application Security
The U.S. government says the recent $600 million Ronin Validator cryptocurrency heist was conducted by Lazarus Group, the notorious hacking outfit linked to the...
Application Security
Cloud computing and virtualization technology firm VMWare on Thursday rolled out patches for an extremely critical security flaw in the VMWare Cloud Director product,...
Application Security
Less than a week after patching critical security defects affecting multiple enterprise-facing products, VMware is warning that one of the flaws is being exploited...
Application Security
Microsoft has disrupted the operation of one of the most notorious cybercrime botnets and named a Crimean hacker as an alleged perpetrator behind the...
Application Security
Microsoft on Tuesday issued a warning for an in-the-wild zero-day attack hitting Windows users and raised eyebrows when it credited the U.S. government National...
Funding/M&A
Investment giant KKR has agreed to acquire Barracuda Networks from private equity firm Thoma Bravo, the firms announced Tuesday.
Application Security
Adobe's security update engine revved into overdrive this month with the release of patches for at least 78 documented software vulnerabilities, some serious enough...
Application Security
OpenSSH has joined the high-stakes fight to protect data from quantum computers.The latest version of the widely used encryption and connectivity tool has been...
Application Security
Scope Security has announced the sudden passing of its founder and CEO Mike Murray, a longtime practitioner and executive who was deeply embedded in...
Application Security
Private equity firm Thoma Bravo's deep push into the cybersecurity market continued Monday with the announcement of plans to spend $6.9 billion to acquire...
Network Security
Analyzing the attack goals of adversaries is important to be able to better align defenses against the speed of changing attack techniques. By focusing...
Application Security
Nudge Security, an early stage startup promising to help organizations manage cybersecurity decisions, has banked a $7 million seed round.
Cybersecurity Funding
Lithuania-based VPN provider reaches “Unicorn” status with first ever outside funding
Application Security
Apple is being called to task for neglecting to patch two "actively exploited" zero-day vulnerabilities on older versions of its flagship macOS platform.
Application Security
Malware hunters at Broadcom’s Symantec division have spotted signs that a long-running cyberespionage campaign linked to Chinese nation-state hackers is now going after managed...
Application Security
Financial services and stock trading platform CashApp on Tuesday fessed up to a data breach being blamed on a former employee who stole brokerage...
Today’s attackers are no longer breaking in — they’re logging in. Join this live webinar as we break down the modern identity attack chain and examine how recent breaches exploited weaknesses in authentication, identity verification, and access management processes.
RegisterAI has accelerated both sides of the fight. Adversaries are weaponizing vulnerabilities faster, while defenders are racing to ship detections and configurations. Join this live webinar as we explore how to prove your controls actually hold against new threats, map your security maturity, and unite breach simulation with automated pentesting into a single, coordinated program.
RegisterExpert Insights
Four decades of incident response experience suggest that exploits are often the symptom, not the root cause, of today’s cybersecurity failures.
(Tod Beardsley)
Security teams need more than visibility into AI applications, they need a repeatable framework for monitoring, investigating, and defending them in production.
(Joshua Goldfarb)
AI-driven development is not something organizations can or should block. But it must be governed.
(Danelle Au)
AI can help attackers generate malware, create malicious payloads, bypass simple security checks, and convert vague malicious intent into functional code.
(Etay Maor)
CISOs are now facing machine-speed attacks and asking, “How do I agent?” The industry must provide remediation at scale.
(Nadir Izrael)