Email Security
Vulnerabilities in the Zimbra enterprise webmail solution could allow an attacker to gain unrestricted access to an organization’s sent and received email messages, software...
Hi, what are you looking for?
SecurityWeek
Artificial Intelligence
AWS has patched the vulnerability and published its own advisory to inform customers about the potential impact.
ICS/OT
The exploited flaw, CVE-2025-67038, is one of the vulnerabilities disclosed in April as part of the BRIDGE:BREAK research project.
Vulnerabilities
The latest GitLab CE/EE updates address 13 vulnerabilities, including three high-severity defects.
Vulnerabilities
The latest version of the open source data transfer tool resolves 18 medium and low-severity vulnerabilities.
Vulnerabilities
An unauthenticated OS command injection vulnerability in the Sunhillo SureLine application could allow an attacker to execute arbitrary commands with root privileges, according to...
Cyberwarfare
A recently disclosed vulnerability affecting a popular survey creation tool has been exploited by a threat group that may be linked to China against...
Application Security
Apple on Monday released a major security update with fixes for a security defect the company says “may have been actively exploited” to plant...
Application Security
Mozilla has completely removed support for the File Transfer Protocol (FTP) from the latest release of its flagship Firefox web browser.
Vulnerabilities
A look into MITRE's 2021 CWE Top 25 Most Dangerous Software Weaknesses
Vulnerabilities
Enterprises have been warned of a new attack method that can be used by malicious actors to take complete control of a Windows domain.
Application Security
Threat actors are abusing Argo Workflows to target Kubernetes deployments and deploy crypto-miners, according to a warning from security vendor Intezer.
ICS/OT
The U.S. House of Representatives this week passed several cybersecurity bills, including ones related to critical infrastructure, industrial control systems (ICS), and grants for...
Application Security
European bug bounty and vulnerability disclosure policy platform YesWeHack this week announced the closing of a €16 million ($18.8 million) round of venture capital...
Vulnerabilities
Software development and collaboration solutions provider Atlassian on Wednesday informed customers that it has patched a critical code execution vulnerability affecting some of its...
Mobile & Wireless
Tens of Vulnerabilities Patched by Apple in macOS and iOSApple this week started rolling out security updates for iOS, macOS, iPadOS, watchOS, tvOS, and...
Vulnerabilities
Patches released this week by Dell for its OpenManage Enterprise product address multiple critical-severity vulnerabilities.A systems management and monitoring application, Dell OpenManage Enterprise provides...
Application Security
Google Cloud this week announced a new set of services aimed at help federal, state, and local government organizations in the United States to...
Application Security
After years of mostly sitting on the sidelines, Microsoft is starting to be aggressive with cybersecurity acquisitions.The world’s largest software company said Wednesday it...
Cloud Security
Researchers at industrial cybersecurity firm Claroty have identified a series of vulnerabilities that have enabled them to demonstrate how malicious actors could abuse cloud-based...
Vulnerabilities
Oracle on Tuesday announced the availability of a total of 342 new security patches as part of its July 2021 Critical Patch Update (CPU)....
Vulnerabilities
A printer driver shipped to millions of computers since 2005 is affected by a vulnerability that can be exploited for privilege escalation, according to...
Vulnerabilities
Security updates released by Adobe on Tuesday for seven of its products patch a total of 21 vulnerabilities, including 15 flaws that have been...
Vulnerabilities
Fortinet on Monday announced the availability of patches for a vulnerability in both FortiManager and FortiAnalyzer that could allow an attacker to execute code...
Join this live webinar as we break down why email-layer defenses alone can't keep pace with the modern phishing ecosystem, how agentic AI is changing the capacity equation for security teams, and more.
RegisterThis year's summit will help organizations learn how to utilize tools, controls, and design models needed to properly secure cloud environments. Interact with leading solution providers and other end users facing similar challenges in securing a variety of cloud deployments.
RegisterExpert Insights
From hidden content injections to cognitive state poisoning, attackers are turning trusted data sources into traps for autonomous AI.
(Etay Maor)
Groups like ShinyHunters are demonstrating that attackers do not necessarily need malware or zero-day exploits to cause massive damage.
(Torsten George)
Four decades of incident response experience suggest that exploits are often the symptom, not the root cause, of today’s cybersecurity failures.
(Tod Beardsley)
Security teams need more than visibility into AI applications, they need a repeatable framework for monitoring, investigating, and defending them in production.
(Joshua Goldfarb)
AI-driven development is not something organizations can or should block. But it must be governed.
(Danelle Au)