Latest News

Most of the 100 vulnerabilities resolved this week, including critical flaws, were in third-party dependencies.

The Chrome zero-day does not have a CVE and it's unclear who reported it and which browser component it affects.

Over the past decade, overall funding in Israeli cybersecurity companies has increased by more than 500%, according to YL Ventures. 

Join to access sessions aimed at educating, inspiring, and provoking new ways of thinking about the hype and promise surrounding AI-powered enterprise security solutions and the threats posed by adversarial use of AI.

Victoria Dubranova faces over 25 years in prison for links to Russia-backed CARR and NoName hacktivist groups.

GeminiJack is a zero-click Gemini attack that could have been exploited using specially crafted emails, calendar invites, or documents.

The two security defects impact FortiOS, FortiWeb, FortiProxy, and FortiSwitchManager with FortiCloud SSO login authentication enabled.

The XSS vulnerability could allow remote attackers to execute arbitrary JavaScript code with administrator privileges.

Affecting Solution Manager, Commerce Cloud, and jConnect SDK, the bugs could lead to code injection and remote code execution.

Dozens of vulnerabilities have been patched by the industrial giants across their products.

The PCIe flaws, found by Intel employees, can be exploited for information disclosure, escalation of privilege, or DoS.

Britain and its allies face escalating “hybrid threats … designed to weaken critical national infrastructure, undermine our interests and interfere in our democracies.”

The Experience Manager security update resolves 117 vulnerabilities, including 116 identified as cross-site scripting (XSS) bugs.

Microsoft has addressed a Windows vulnerability exploited as zero-day that allows attackers to obtain System privileges.

Promotions across Microsoft’s security organization reinforce the company’s shift toward AI-driven defense and tighter operational oversight under Global CISO Igor Tsyganskiy.