California Water Service says there is no indication of operational disruptions to its water and wastewater systems.
Cisco recently became aware of the exploitation of CVE-2026-20262, a Catalyst SD-WAN Manager zero-day that allows arbitrary file write.
Mackay Sugar was targeted in a cyberattack carried out by a threat group known as The Gentlemen.
Security teams need more than visibility into AI applications, they need a repeatable framework for monitoring, investigating, and defending them in production.
AI-driven development is not something organizations can or should block. But it must be governed.
AI can help attackers generate malware, create malicious payloads, bypass simple security checks, and convert vague malicious intent into functional code.
CISOs are now facing machine-speed attacks and asking, “How do I agent?” The industry must provide remediation at scale.
As enterprises rush AI projects into production, security teams are increasingly being forced into reactive mode.
Today’s attackers are no longer breaking in — they’re logging in. Join this live webinar as we break down the modern identity attack chain and examine how recent breaches exploited weaknesses in authentication, identity verification, and access management processes.
RegisterAI has accelerated both sides of the fight. Adversaries are weaponizing vulnerabilities faster, while defenders are racing to ship detections and configurations. Join this live webinar as we explore how to prove your controls actually hold against new threats, map your security maturity, and unite breach simulation with automated pentesting into a single, coordinated program.
Register
SecurityWeek’s CISO Forum 2026 Mid-Year Review is a virtual roundtable to evaluate the year’s most pressing challenges and share critical updates shaping the 2026 security landscape.
[June 10, 2026 | Virtual]
SecurityWeek’s 2026 Cloud Security Summit will help organizations learn how to utilize tools, controls, and design models needed to properly secure cloud environments.
[July 15, 2026 | Virtual]
SecurityWeek’s AI Risk Summit is the leading conference where technology, security, and risk leaders converge with AI researchers, developers, and policy makers shaping the future of enterprise AI.
[August 11-12, 2026 | In-Person]
SecurityWeek’s CodeSecCon 2026 will bring together developers and cybersecurity professionals to revolutionize the way applications are built, secured, and maintained.
[August 19, 2026 | Virtual]
-
Over two dozen organizations built a shared platform to triage vulnerabilities, fix them, and secure the software before patches arrive. (June 16, 2026)
-
Cisco recently became aware of the exploitation of CVE-2026-20262, a Catalyst SD-WAN Manager zero-day that allows arbitrary file write. (June 16, 2026)
-
The critical-severity OS command injection vulnerability allows attackers to execute arbitrary code with root privileges. (June 12, 2026)
-
The browser refresh resolved critical and high-severity security defects, including a dozen use-after-free bugs. (June 12, 2026)
-
Oleksii Oleksiyovych Lytvynenko admitted to working on the development of a loader for the Conti gang. (June 15, 2026)
-
Oracle has mitigated CVE-2026-35273, but it has not publicly confirmed the vulnerability’s in-the-wild exploitation. (June 12, 2026)
-
Researchers say the OnyxC2 malware targets more than 200 applications and extensions while evading detection through encrypted payloads, DLL sideloading, and in-memory execution techniques. (June 11, 2026)
-
Relying on social engineering, the hacking group engages in credential phishing, malware distribution, and fraud activities. (June 4, 2026)
