Eduard Kovacs

Eduard Kovacs (@EduardKovacs) is senior managing editor at SecurityWeek. He worked as a high school IT teacher before starting a career in journalism in 2011. Eduard holds a bachelor’s degree in industrial informatics and a master’s degree in computer techniques applied in electrical engineering.

Google Detects First AI-Generated Zero-Day Exploit

The zero-day was designed to bypass 2FA and it was developed by a prominent cybercrime group.

May 11, 2026

Cloudflare Lays Off 1,100 Employees in AI-Driven Restructuring

The company topped revenue and earnings forecasts for the first quarter of 2026, but its shares plunged more than 20%.

May 11, 2026

New ‘Dirty Frag’ Linux Vulnerability Possibly Exploited in Attacks

Also called Copy Fail 2 and tracked as CVE-2026-43284 and CVE-2026-43500, the exploit was disclosed before a patch was released.

May 11, 2026

Polish Security Agency Reports ICS Breaches at Five Water Treatment Plants

The hackers gained the ability to modify equipment operational parameters, creating a direct risk to the public water supply.

May 8, 2026

Ransomware Group Takes Credit for Trellix Hack

RansomHouse has published several screenshots to demonstrate access to internal Trellix services.

May 8, 2026

Ivanti Patches EPMM Zero-Day Exploited in Targeted Attacks

CVE-2026-6973 is a high-severity vulnerability that allows an attacker who has admin privileges to execute arbitrary code.

May 8, 2026

Palo Alto Zero-Day Exploited in Campaign Bearing Hallmarks of Chinese State Hacking

The cybersecurity firm has not explicitly accused China of being behind the attack, but the evidence suggests it was.

May 7, 2026

Attackers Could Exploit AI Vision Models Using Imperceptible Image Changes

Cisco’s AI security researchers have analyzed ways to target vision-language models (VLMs) using pixel-level perturbation.

May 7, 2026

Claude AI Guided Hackers Toward OT Assets During Water Utility Intrusion

Dragos has published a report describing how threat actors used Claude AI in an attack on a water and drainage utility in Mexico.

May 7, 2026

Romanian Man Extradited to US for Role in Hacking Scheme 17 Years Ago

Gavril Sandu, 53, was indicted in 2017, but was arrested and extradited to the United States only in 2026.

May 6, 2026

CISA Launches ‘CI Fortify’ to Prepare Critical Infrastructure for Geopolitical Cyber Conflict

Agency issued guidance and calls on operators to build resilient OT environments capable of surviving extended isolation and cyber compromise.

May 6, 2026

Palo Alto Networks to Patch Zero-Day Exploited to Hack Firewalls

CVE-2026-0300 affects the Captive Portal service of PAN-OS software on PA and VM series firewalls.

May 6, 2026

Microsoft Warns of Sophisticated Phishing Campaign Targeting US Organizations

The malicious emails claim to contain a conduct report and lure victims to a Microsoft phishing website that leverages AitM.

May 5, 2026

Critical Remote Code Execution Vulnerability Patched in Android

CVE-2026-0073 affects Android’s System component and it can be exploited without any user interaction.

May 5, 2026

WhatsApp Discloses File Spoofing, Arbitrary URL Scheme Vulnerabilities

The vulnerabilities were reported to Meta through its bug bounty program and were patched with updates released earlier this year.

May 5, 2026

Trellix Source Code Repository Breached

The cybersecurity firm’s investigation has not found any impact on its source code release or distribution process.

May 4, 2026

Cybersecurity M&A Roundup: 33 Deals Announced in April 2026

Significant cybersecurity M&A deals announced by Airbus, Cyera, Fortra, Palo Alto Networks, Silverfort, and Socket.

May 4, 2026

OpenAI Rolls Out Advanced Security for ChatGPT Accounts

Advanced Account Security provides stronger login methods, more secure account recovery, shorter sessions, and training exclusion.

May 4, 2026

Google Adjusts Bug Bounties: Chrome Payouts Drop as Android Rewards Rise Amid AI Surge

The maximum reward for a zero-click Pixel Titan M exploit with persistence has increased to $1.5 million.

May 1, 2026

Two US Security Experts Sentenced to Prison for Helping Ransomware Gang

Ryan Goldberg of Georgia and Kevin Martin of Texas were each sentenced to four years in prison.

May 1, 2026

SECURITYWEEK NETWORK:

ICS:

Eduard Kovacs

Google Detects First AI-Generated Zero-Day Exploit

Cloudflare Lays Off 1,100 Employees in AI-Driven Restructuring

New ‘Dirty Frag’ Linux Vulnerability Possibly Exploited in Attacks

Polish Security Agency Reports ICS Breaches at Five Water Treatment Plants

Ransomware Group Takes Credit for Trellix Hack

Ivanti Patches EPMM Zero-Day Exploited in Targeted Attacks

Palo Alto Zero-Day Exploited in Campaign Bearing Hallmarks of Chinese State Hacking

Attackers Could Exploit AI Vision Models Using Imperceptible Image Changes

Claude AI Guided Hackers Toward OT Assets During Water Utility Intrusion

Romanian Man Extradited to US for Role in Hacking Scheme 17 Years Ago

CISA Launches ‘CI Fortify’ to Prepare Critical Infrastructure for Geopolitical Cyber Conflict

Palo Alto Networks to Patch Zero-Day Exploited to Hack Firewalls

Microsoft Warns of Sophisticated Phishing Campaign Targeting US Organizations

Critical Remote Code Execution Vulnerability Patched in Android

WhatsApp Discloses File Spoofing, Arbitrary URL Scheme Vulnerabilities

Trellix Source Code Repository Breached

Cybersecurity M&A Roundup: 33 Deals Announced in April 2026

OpenAI Rolls Out Advanced Security for ChatGPT Accounts

Google Adjusts Bug Bounties: Chrome Payouts Drop as Android Rewards Rise Amid AI Surge

Two US Security Experts Sentenced to Prison for Helping Ransomware Gang

Featured

Vulnerabilities

Microsoft Working on Patch for ‘RoguePlanet’ Zero-Day

Vulnerabilities

3 Recently Patched Fortinet FortiSandbox Vulnerabilities in Hacker Crosshairs

Hacker Conversations

Hacker Conversations: Isira Adithya, the Evolution of an Ethical Hacker

Artificial Intelligence

AI and Cybersecurity – Everything You Wanted to Know, But Were Afraid to Ask

ICS/OT

Cal Water Investigating Iranian Hackers’ Claims

Network Security

Cisco Patches Another SD-WAN Zero-Day Exploited in Attacks

Ransomware

Ransomware Attack Shuts Down Mills of Australia’s Second-Largest Sugar Producer

Latest News

Identity & Access

Webinar Today: How Modern Breaches Bypass MFA and Evade Detection

Funding/M&A

1Password Acquires Apono in Reported $250M-$300M Deal

Artificial Intelligence

Tenet Security Emerges From Stealth With $6 Million Seed Funding

ICS/OT

Rockwell Automation Patches Vulnerabilities in ICS Controllers and Software

Malware & Threats

Microsoft Teams Relay Servers Abused in DragonForce Ransomware Attack

Vulnerabilities

Oracle’s Second Monthly Security Updates Deliver 245 Patches

Vulnerabilities

Chrome and Firefox Updated to Patch Critical, High-Severity Vulnerabilities

Daily Briefing Newsletter