SecurityWeek

The open source security firm will use the investment to enhance go-to-market efforts and accelerate platform expansion.

Promptfoo has raised $18.4 million in Series A funding to help organizations secure LLMs and generative AI applications.

The need for secure encryption in IoT and IIoT devices is obvious, and potentially critical for OT and, by extension, much of the critical infrastructure. 

The TCC bypass could expose information cached by Apple Intelligence, including geolocation and biometric data.

Dropzone AI has announced a Series B funding round led by Theory Ventures to boost its AI SOC solution. 

From prompt injection to emergent behavior, today’s curious AI models are quietly breaching trust boundaries.

Threat actors are exploiting a two-year-old vulnerability in PaperCut that allows them to execute arbitrary code remotely.

Fable Security has emerged from stealth mode with a solution designed to detect risky behaviors and educate employees.

Aanchal Gupta has been named CSO at Adobe after holding cybersecurity leadership roles at Microsoft for more than five years.

Deepfakes are causing security problems for governments, businesses and individuals and making trust the most valuable currency of the digital age.

Ukrainian and Belarusian hacker groups, which oppose the rule of Belarusian President Alexander Lukashenko, claimed responsibility for the cyberattack.

NASCAR says names, Social Security numbers, and other personal information was stolen in an April 2025 ransomware attack.

Root Evidence is developing fully integrated vulnerability scanning and attack surface management technology.

The financially motivated group is pivoting from Active Directory to VMware vSphere environments, deploying ransomware from the hypervisor.

Allianz subsidiary said the information of customers, financial professionals and employees was compromised as a result of a hack.

The emerging Chaos ransomware appears to be a rebranding of BlackSuit, which had its leak site seized by law enforcement.

The Post SMTP email delivery WordPress plugin is affected by a critical vulnerability and half of websites using it remain unpatched.

Noteworthy stories that might have slipped under the radar: Google Cloud Build vulnerability earns researcher big bounty, more countries hit by Louis Vuitton data breach, organizations’ attack surface is increasing. 

An authentication bypass vulnerability in Mitel MiVoice MX-ONE could allow attackers to access user or admin accounts on the system.

The Koske Linux malware shows how cybercriminals can use AI for payload development, persistence, and adaptivity.