SecurityWeek

An analysis conducted by SecurityWeek shows that 405 cybersecurity-related mergers and acquisitions were announced in 2024.

Jscrambler has received a $5.2 million investment from Iberis Capital to accelerate innovation and research.

Palo Alto Networks has published 10 new security advisories, including one for a high-severity firewall authentication bypass vulnerability.

Threat actors are increasingly exploiting two old vulnerabilities in ThinkPHP and OwnCloud in their attacks.

Google has released a Chrome 133 update to address four high-severity vulnerabilities reported by external researchers.

The Italian government denied it hacked seven cellphones with military-grade surveillance technology from Paragon Solutions.

QuSecure is pitching a software-based security architecture that overlays onto current networks to help businesses with PQC migration.

A subgroup of the Russia-linked Seashell Blizzard is tasked with broad initial access operations to sustain long-term persistence.

Security and compliance automation firm Drata has acquired trust center platform SafeBase in a quarter billion dollar deal.

Ivanti and Fortinet on Tuesday released patches for multiple critical- and high-severity vulnerabilities in their products.

A new GAO report assesses that the Coast Guard needs to improve Maritime Transportation System (MTS) cybersecurity.

Chipmakers Intel, AMD and Nvidia on Tuesday published new security advisories to inform customers about vulnerabilities found in their products. 

A fresh post on the Kraken ransomware group’s leak website refers to data stolen in a 2022 cyberattack, Cisco says.

Industrial giants Schneider Electric and Siemens have released February 2025 Patch Tuesday ICS security advisories.

On the eve of the Munich Security Conference, Google argues that the cybercriminal threat should be treated as a national security threat like state-backed hacking groups.

The Microsoft Patch Tuesday machine hummed loudly this month with urgent fixes for a pair of already-exploited Windows zero-days.

Patch Tuesday: Adobe patches 45 vulnerabilities across multiple products and warns of remote code execution exploitation risks.

Russia-based bulletproof hosting services provider Zservers was sanctioned for providing services to support LockBit ransomware operations.

OpenSSL has patched CVE-2024-12797, a high-severity vulnerability found by Apple that can allow man-in-the-middle attacks.

SAP has released 19 new and two updated security notes on its February 2025 patch day, including six notes for high-severity vulnerabilities.