Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

Latest Cybersecurity News

A hacker recently offered to sell 20 million OpenAI credentials, but the data likely comes from information stealers, not the AI firm’s systems.

Cupertino’s security response team said the flaw was used in “an extremely sophisticated attack against specific targeted individuals.” 

French organizers said “the summit aims at promoting an ambitious French and European AI strategy” as advances in the sector have been led by the U.S. and China.

A critical vulnerability found in Orthanc servers can pose a serious risk to medical data and healthcare operations.

Microsoft has added more Copilot consumer products to its bug bounty program and is offering higher rewards for medium-severity vulnerabilities.

HPE is notifying an unknown number of individuals that Russian hackers accessed their personal information in a December 2023 attack.

Evan Light was sentenced to 20 years in federal prison for hacking an investment holdings company and stealing $37 million in cryptocurrency.

Memorial Hospital and Manor says 120,000 people had their personal information stolen in a November 2024 ransomware attack.

News analysis: The big AI platforms are emerging as frontline early warning systems, detecting nation-state hackers at the outset of their campaigns. Can this help save the threat intel industry?

SolarWinds will become a privately held company following its acquisition by Turn/River Capital for $4.4 billion in cash. 

ThreatMate has raised $3.2 million in seed funding for its AI-powered attack surface management solution for MSPs.

People on the Move

Software giant Atlassian has named David Cross as its new CISO.

Dan Pagel has been named the new CEO of risk management and remediation firm Brinqa.

The City of Phoenix has promoted Mitch Kohlbecker to the role of Chief Information Security Officer.

Gigamon has promoted Tony Jarjoura to CFO and Ram Bhide has been hired as Senior VP of engineering.

Cloud security firm Mitiga has appointed Charlie Thomas as Chief Executive Officer.

More People On The Move
iPhone security iPhone security

Cupertino’s security response team said the flaw was used in “an extremely sophisticated attack against specific targeted individuals.” 

Threat Intelligence Report Threat Intelligence Report

News analysis: The big AI platforms are emerging as frontline early warning systems, detecting nation-state hackers at the outset of their campaigns. Can this help save the threat intel industry?

Turn/River Capital acquires SolarWinds Turn/River Capital acquires SolarWinds

SolarWinds will become a privately held company following its acquisition by Turn/River Capital for $4.4 billion in cash. 

Top Cybersecurity Headlines

Hospital Sisters Health System says the personal information of 883,000 individuals was compromised in a 2023 crippling cyberattack.

A bipartisan duo in the the U.S. House is proposing legislation to ban the Chinese artificial intelligence app DeepSeek from federal devices.

Spanish authorities have arrested an individual who allegedly hacked several high-profile organizations, including NATO and the US army.

SecurityWeek Industry Experts

More Expert Insights

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Examine the state of cybersecurity in the context of quantum computing and artificial intelligence. Discuss the implications of the new White House administration’s cybersecurity policies and how they will influence the industry’s direction in 2025 and beyond.

Register

Dive into critical topics such as incident response, threat intelligence, and attack surface management. Learn how to align cyber resilience plans with business objectives to reduce potential impacts and secure your organization in an ever-evolving threat landscape.

Watch Now

Upcoming Cybersecurity Events

The AI Risk Summit brings together security and risk management executives, AI researchers, policy makers, software developers and influential business and government stakeholders. [June 2025, Stay Tuned]

Learn More

SecurityWeek’s CISO Forum Summer Summit & Golf Classic will take place June 25-26 at the Ritz-Carlton, Half Moon Bay, CA

Learn More

SecurityWeek’s Ransomware Resilience and Recovery Summit helps businesses to plan, prepare, and recover from a ransomware incident.(February 26, 2025)

Learn More

Supply Chain Security Summit
Join us as we explore the critical nature of software and vendor supply chain security issues with a focus on understanding how attacks against identity infrastructure come with major cascading effects. (March 19, 2025)

Learn More

Vulnerabilities

Cybercrime

After less than a six-week hiatus, attackers have resumed their distributed-denial of service attacks against U.S. financial institutions.

During the RSA Conference last week, some attendees visting the F5 Networks booth took part in a quick survey in order to determine what security trends have the greatest impact on their organization’s ability to reach their security desires. The results show that many of them are still struggling.

With millions of dollars on the line, Google took the smart money this week and patched Chrome ahead of today’s Pwn2Own and Pwnium competitions at the CanSecWest conference taking place this week in Vancouver.

Researchers from Kaspersky Lab have discovered “AlbaBotnet”, an emerging botnet that appears to be gearing up to inflict financial damage on accounts at banks in Chili.According to Kaspersky researchers, AlbaBotnet focuses on utilizing targeted phishing attacks designed to steal online accounts details, currently at two major Chilean banks.

A vulnerability patched in February by Oracle has been added to the Blackhole Exploit Kit, researchers have discovered. This wouldn’t normally be a headline event in and of itself, but most people seem to ignore Java once installed, and are vulnerable to dozens of attacks thinks to kits like this and the number of issues in the Java codebase.

For the third time in less than a month, organizations and home users who are still using Java, for whatever reason that may be, now need to apply yet another update. This latest patch, released Monday, addresses a bug that was first reported more than a month ago.

A few months ago, I wrote a column expressing my deep concern over the lack of progress in the debate about domain name registration data (a/k/a the WHOIS). The debate aims to reach collective understanding and agreement regarding the purpose of that data and, specifically, who should have access to it and how.

PRAGUE - Hackers attacked several top Czech news websites on Monday, overloading them with hundreds of thousands of requests per second to make them inaccessible, publishers said. "News servers have been facing a massive DDoS (Distributed Denial of Service) attack since 8:30 am (0730 GMT)," iDNES.cz, the website of the top-selling Czech broadsheet DNES, said on its Facebook profile.

Event image poster

The leading global conference series for Operations, Control Systems and IT/OT Security professionals to connect on SCADA, DCS PLC and field controller cybersecurity.

Learn More

Application Security

Cloud Security

Application Security

APIs are easy to develop, simple to implement, and frequently attacked. They are  prime and lucrative targets for cybercriminals. 

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest cybersecurity news, threats, and expert insights. Unsubscribe at any time.