SecurityWeek

Chrome 126 security updates released this week resolve high-severity vulnerabilities reported by external researchers.

Oracle releases 386 new security patches to resolve roughly 240 unique CVEs as part of its July 2024 Critical Patch Update.

Pharmacy chain Rite Aid says 2.2 million people are impacted by a recent data breach for which the RansomHub group has taken credit.

NATO will establish a new cyber center to better protect against increasingly sophisticated cyber threats.

UnitedHealth booked $1.1 billion in total costs from the cyberattack in the second quarter.

CISA says it has evidence that a recent critical-severity vulnerability in GeoServer is exploited in the wild.

The Void Banshee APT exploited the CVE-2024-38112 Windows zero-day to infect systems with the Atlantida stealer.

A team of former GitHub engineers has secured $20 million in venture capital funding to build AI-powered security tools.

Frank Kim and Charles Blauner are responsible for security at both their own company and for the companies in which their firms invest.

Car dealership AutoNation has informed the SEC that the CDK Global ransomware attack impacted its quarterly earnings.

Hackers exploited a flaw to hijack cryptocurrency domains that were migrated from Google Domains to Squarespace.

Disney has launched an investigation after a hacker group named NullBulge leaked data allegedly stolen from the company.

Kaspersky is shutting down operations in the US and laying off employees following the recent Commerce Department ban.

Over 310 GB of data from mSpy, including 2.4 million email addresses and other user data, was leaked online.

IoT cybersecurity company Exein has raised €15 million (~$16.3 million) in a Series B funding round led by 33N.

The massive AT&T breach has been linked to an American hacker living in Turkey and reports say the telecom giant paid a $370,000 ransom.

A second remote code execution vulnerability, tracked as CVE-2024-6409, was found in OpenSSH during an analysis of the regreSSHion flaw.

Vyacheslav Igorevich Penchukov was sentenced to nine years in prison for his role in the Zeus and IcedID malware operations.

Google's parent company Alphabet is reportedly in advanced talks to acquire the hotshot Israeli data security startup.

Noteworthy stories that might have slipped under the radar: Apple's spyware warning, CDK Global's ransom payment, Platinum giant Sibanye hit by cyberattack.