Management & Strategy
Google this week announced an extended support period for Android 11 and later devices launching with Qualcomm System-on-Chip (SoC) models.Currently, devices receive support for...
Hi, what are you looking for?
SecurityWeek
Artificial Intelligence
AWS has patched the vulnerability and published its own advisory to inform customers about the potential impact.
ICS/OT
The exploited flaw, CVE-2025-67038, is one of the vulnerabilities disclosed in April as part of the BRIDGE:BREAK research project.
Vulnerabilities
The latest GitLab CE/EE updates address 13 vulnerabilities, including three high-severity defects.
Vulnerabilities
The latest version of the open source data transfer tool resolves 18 medium and low-severity vulnerabilities.
Cybercrime
The Federal Bureau of Investigation has released a Private Industry Notification to warn of DoppelPaymer ransomware attacks on critical infrastructure.
Vulnerabilities
Trend Micro informed customers this week that an update for its InterScan Web Security Virtual Appliance (IWSVA) patches several potentially serious vulnerabilities, including ones...
Management & Strategy
Vulnerabilities in the protocols used by standalone 5G network implementations could expose users to information theft, impersonation, and other types of attacks, Positive Technologies...
Data Protection
Covert Wi-Fi signals generated by DDR SDRAM hardware can be leveraged to exfiltrate data from air-gapped computers, a researcher claims.
Endpoint Security
Updates released this week by Apple for its macOS operating systems patch a total of 59 vulnerabilities, including roughly 30 that could lead to...
IoT Security
Vulnerabilities discovered in Medtronic’s MyCareLink Smart 25000 Patient Reader product could be exploited to take control of a paired cardiac device.
Endpoint Security
Microsoft and several major cybersecurity companies have responded to a researcher’s disclosure of a method for remotely disabling their antivirus products by leveraging the...
ICS/OT
A vast majority of operational technology (OT) devices affected by the Urgent/11 vulnerabilities and many devices impacted by the CDPwn flaws remain unpatched, IoT...
Cybercrime
Palo Alto Networks security researchers have discovered a Linux-based cryptocurrency-mining botnet that being delivered via PostgreSQL.
Cybercrime
SolarWinds’ investigation into the recent attacks that leveraged its products to target government and private sector organizations revealed that 18,000 customers may have used...
Email Security
Apple on Monday released a major point-upgrade to its flagship iOS and iPadOS mobile operating systems to patch a handful of serious security vulnerabilities.
Vulnerabilities
While the number of identified vulnerabilities has increased significantly over the past years, the percentage of flaws that are exploitable or have actually been...
ICS/OT
A potentially serious vulnerability affecting CompactRIO controllers made by NI (National Instruments) could allow hackers to remotely disrupt production processes in an organization, according...
Vulnerabilities
Three months after addressing a critical flaw in Jabber for Windows, Cisco released patches for a similar vulnerability in the video conferencing and instant...
Vulnerabilities
Details and a proof-of-concept (PoC) exploit have been released for an unpatched privilege escalation vulnerability in Windows related to the PsExec administration tool.The vulnerability...
Email Security
Exploiting weak credentials on MySQL servers connected to the Internet, an ongoing ransomware campaign has compromised more than 250,000 databases to date, according to...
Email Security
Security researchers on Thursday documented and described a new injection technique capable of extracting sensitive data from PDF files.
Application Security
The Open Source Security Foundation (OpenSSF) announced on Wednesday at the Black Hat Europe conference the availability of an open source tool designed for...
Join this live webinar as we break down why email-layer defenses alone can't keep pace with the modern phishing ecosystem, how agentic AI is changing the capacity equation for security teams, and more.
RegisterThis year's summit will help organizations learn how to utilize tools, controls, and design models needed to properly secure cloud environments. Interact with leading solution providers and other end users facing similar challenges in securing a variety of cloud deployments.
RegisterExpert Insights
From hidden content injections to cognitive state poisoning, attackers are turning trusted data sources into traps for autonomous AI.
(Etay Maor)
Groups like ShinyHunters are demonstrating that attackers do not necessarily need malware or zero-day exploits to cause massive damage.
(Torsten George)
Four decades of incident response experience suggest that exploits are often the symptom, not the root cause, of today’s cybersecurity failures.
(Tod Beardsley)
Security teams need more than visibility into AI applications, they need a repeatable framework for monitoring, investigating, and defending them in production.
(Joshua Goldfarb)
AI-driven development is not something organizations can or should block. But it must be governed.
(Danelle Au)