SecurityWeek

Citizen Lab publishes forensic proof that spyware maker Paragon can compromise up-to-date iPhones. Journalists in Europe among victims.

AI-generated voice deepfakes have crossed the uncanny valley, fueling a surge in fraud that outpaces traditional security measures. Detection technology is racing to keep up.

Hirundo tackles AI hallucinations and bias by making trained models “forget” poisoned, malicious, and confidential data.

The new attack technique uses smartwatches to capture ultrasonic covert communication in air-gapped environments and exfiltrate data.

Learn how attackers hide in plain sight—and what you can do to stop them without slowing down your business.

Microsoft recently patched CVE-2025-32711, a vulnerability that could have been used for zero-click attacks to steal data from Copilot.

It’s time for enterprises to stop treating unmanaged devices as an edge case and start securing them as part of a unified Zero Trust strategy.

Between May 2024 and April 2025, Cloudflare blocked 109 billion malicious requests targeting organizations protected under Project Galileo.

Palo Alto Networks has released patches for seven vulnerabilities and incorporated the latest Chrome fixes in its products.

Interpol has announced a crackdown on infostealer malware in Asia as part of an effort called Operation Secure.

Beyond potentially halting sales of physical goods, breaches can expose customers’ personal data to future phishing or fraud attempts.

Cybersecurity heavyweight Securonix acquires ThreatQuotient to boost plans to build an all-in-one security operations stack.

Maze and its investors are betting on finding profits in software that uses AI-powered agents to automate critical parts of the process.

Vulnerable DTResearch UEFI firmware applications can be used in BYOVD attacks to bypass Secure Boot.

Patches released by Fortinet and Ivanti resolve over a dozen vulnerabilities, including high-severity flaws leading to code execution, credential leaks.

Bitsight has identified over 40,000 security cameras that can be easily hacked for spying or other types of malicious activity.

Investigators leveraged a vulnerability dubbed DanaBleed to obtain insights into the internal operations of the DanaBot botnet.

Series E funding round brings Cyera’s total funding to over $1.3 billion and values the data security firm at $6 billion.

Horizon3.ai has raised $100 million to expand product capabilities, and to scale its partner ecosystem and federal market presence.

Many security professionals feel pressured to pursue leadership roles, but success can also mean going deeper, not just higher.