Supply Chain Security
A cross-tenant vulnerability in Amazon Web Services (AWS) could have allowed attackers to abuse AWS AppSync to gain access to resources in an organization’s...
Hi, what are you looking for?
SecurityWeek
Cybersecurity Funding
The funding round brings the total amount raised by the NetRise to roughly $25 million.
Malware & Threats
The flaw, tagged as CVE-2025-30406, was added to CISA’s Known Exploited Vulnerabilities (KEV) catalog in early April.
Supply Chain Security
Researchers uncover new software supply chain threat from LLM-generated package hallucinations.
Cybercrime
Threat actors are publishing malicious NPM packages to steal PayPal credentials and hijack cryptocurrency transfers.
Application Security
Evidence shows a SpotBugs token compromised in December 2024 was used in the March 2025 GitHub Actions supply chain attack.
Supply Chain Security
Join the virtual event as we explore of the critical nature of software and vendor supply chain security issues.
Cyberwarfare
Microsoft is warning organizations about the risks associated with the discontinued Boa web server after vulnerabilities affecting the software were apparently exploited by threat...
Compliance
Last month, CISA released cross-sector cybersecurity performance goals (CPGs) in response to President Biden’s 2021 National Security Memorandum on improving cybersecurity for critical infrastructure control...
Application Security
The Cybersecurity and Infrastructure Security Agency (CISA), the National Security Agency (NSA), and the Office of the Director of National Intelligence (ODNI) this week...
Application Security
Cybersecurity powerhouse Palo Alto Networks on Thursday announced plans to spend $195 million in cash to acquire Israeli startup Cider Security, a deal that...
Application Security
The Open Source Security Foundation (OpenSSF) on Wednesday announced the adoption of Secure Supply Chain Consumption Framework (S2C2F), a Microsoft-built framework for consuming open...
Cybercrime
Security researchers are raising alarm on an ongoing supply chain attack that uses malicious Python packages to distribute an information stealer.
Application Security
Israeli early-stage startup Akeyless has banked a whopping $65 million in venture capital funding to build technology to help businesses manage credentials, certificates, keys...
Application Security
BoostSecurity on Wednesday emerged from stealth mode with a DevSecOps automation platform and $12 million in seed funding.
Application Security
The National Security Agency (NSA) has published guidance on how organizations can implement protections against common software memory safety issues.
Cybercrime
Canadian meat giant Maple Leaf Foods has confirmed that it is experiencing an outage after falling victim to a cyberattack.
Risk Management
Artificial Intelligence
With unapproved AI tools entrenched in daily workflows, experts say it’s time to shift from monitoring to managing Shadow AI use across the enterprise.
Vulnerabilities
Vulnerabilities
Malware & Threats
Data Breaches
Cybercrime
Noteworthy stories that might have slipped under the radar: 4chan hacked, auto-reboot security feature coming to Android, Iranian administrator of Nemesis charged in US.
Cybersecurity Funding
Data Breaches
Data Breaches
Vulnerabilities
