The hackers exfiltrated data from Salesforce instances of Klue customers, such as Huntress and Recorded Future.
CISA has given federal agencies only three days to patch CVE-2026-20253, which can be exploited for unauthenticated remote code execution.
The deal values industrial cybersecurity giant Dragos at $3.25 billion, and runZero and NetRise will operate under Dragos.
Four decades of incident response experience suggest that exploits are often the symptom, not the root cause, of today’s cybersecurity failures.
Security teams need more than visibility into AI applications, they need a repeatable framework for monitoring, investigating, and defending them in production.
AI-driven development is not something organizations can or should block. But it must be governed.
AI can help attackers generate malware, create malicious payloads, bypass simple security checks, and convert vague malicious intent into functional code.
CISOs are now facing machine-speed attacks and asking, “How do I agent?” The industry must provide remediation at scale.
Today’s attackers are no longer breaking in — they’re logging in. Join this live webinar as we break down the modern identity attack chain and examine how recent breaches exploited weaknesses in authentication, identity verification, and access management processes.
RegisterAI has accelerated both sides of the fight. Adversaries are weaponizing vulnerabilities faster, while defenders are racing to ship detections and configurations. Join this live webinar as we explore how to prove your controls actually hold against new threats, map your security maturity, and unite breach simulation with automated pentesting into a single, coordinated program.
Register
SecurityWeek’s 2026 Cloud Security Summit will help organizations learn how to utilize tools, controls, and design models needed to properly secure cloud environments.
[July 15, 2026 | Virtual]
SecurityWeek’s AI Risk Summit is the leading conference where technology, security, and risk leaders converge with AI researchers, developers, and policy makers shaping the future of enterprise AI.
[August 11-12, 2026 | In-Person]
SecurityWeek’s CodeSecCon 2026 will bring together developers and cybersecurity professionals to revolutionize the way applications are built, secured, and maintained.
[August 19, 2026 | Virtual]
SecurityWeek’s 2026 Attack Surface Management Summit will evaluate how organizations can protect corporate assets and reduce their attack surface in a modern security program.
[September 16, 2026 | Virtual]
-
Other noteworthy stories that might have slipped under the radar: Android TV botnet Popa linked to Israeli firm, Velvet Ant maintained decade-long stealth, unpatched… (June 19, 2026)
-
CISA has given federal agencies only three days to patch CVE-2026-20253, which can be exploited for unauthenticated remote code execution. (June 19, 2026)
-
These servers are regularly targeted by China-linked UNC6508 for initial access and backdoor deployment. (June 18, 2026)
-
Four decades of incident response experience suggest that exploits are often the symptom, not the root cause, of today’s cybersecurity failures. (June 18, 2026)
-
Oleksii Oleksiyovych Lytvynenko admitted to working on the development of a loader for the Conti gang. (June 15, 2026)
-
Oracle has mitigated CVE-2026-35273, but it has not publicly confirmed the vulnerability’s in-the-wild exploitation. (June 12, 2026)
-
Researchers say the OnyxC2 malware targets more than 200 applications and extensions while evading detection through encrypted payloads, DLL sideloading, and in-memory execution techniques. (June 11, 2026)
-
Relying on social engineering, the hacking group engages in credential phishing, malware distribution, and fraud activities. (June 4, 2026)
