Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

Latest Cybersecurity News

A vulnerability affecting systems named End-of-Train and Head-of-Train can be exploited by hackers to cause trains to brake. 

CISA considers the recently disclosed CitrixBleed 2 vulnerability an unacceptable risk and has added it to the KEV catalog.

Google Gemini for Workspace can be tricked into displaying a phishing message when asked to summarize an email.

The Interlock ransomware group has partnered with the KongTuke TDS to distribute a new RAT variant via FileFix attacks.

Vulnerabilities in Gigabyte firmware implementations could allow attackers to disable Secure Boot and execute code during the early boot phase.

Louis Vuitton customers in the UK, South Korea, Turkey and possibly other countries are being notified of a data breach.

Two Gravity Forms WordPress plugin versions available on the official download page were injected with malware in a supply chain attack.

Investigators from HMRC joined more than 100 Romanian police officers to arrest the 13 Romanian suspects in the counties of Ilfov, Giurgiu and Calarasi. 

The latest release of the xAI LLM, Grok-4, has already fallen to a sophisticated jailbreak.

Noteworthy stories that might have slipped under the radar: Microsoft shows attack against AMD processors, SentinelOne details latest ZuRu macOS malware version, Indian APT DoNot targets governments. 

With IPOs taking longer than ever, the venture firm’s fund aims to keep startup veterans motivated while staying private.

People on the Move

Jessica Newman has joined Sophos as General Manager of Global Cyber Insurance.

Breach and attack simulation solutions provider AttackIQ has appointed Pete Luban as Field Chief Information Security Officer.

Matthew Cowell has assumed the role of VP of Strategic Alliances at Nozomi Networks. He previously served in the same role at Dragos.

Bret Arsenault is retiring from his full-time role after 35 years at Microsoft.

Social engineering defense platform Doppel has appointed Bobby Ford as Chief Strategy and Experience Officer.

More People On The Move
Louis Vuitton data breach Louis Vuitton data breach

Louis Vuitton customers in the UK, South Korea, Turkey and possibly other countries are being notified of a data breach.

Grok-4 Falls to a Jailbreak Two Days After Its Release

The latest release of the xAI LLM, Grok-4, has already fallen to a sophisticated jailbreak.

Android vulnerability patch Android vulnerability patch

Since August 2015, Google has delivered a constant stream of monthly security patches for Android. Until July 2025.

Top Cybersecurity Headlines

Details have been disclosed for an eSIM hacking method that could impact many, but the industry is taking action.

PCA Cyber Security has discovered critical vulnerabilities in the BlueSDK Bluetooth stack that could have allowed remote code execution on car systems.

Nippon Steel Solutions has disclosed a data breach that resulted from the exploitation of a zero-day in network equipment.

SecurityWeek Industry Experts

More Expert Insights

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

This online session will explore resilience planning in response to geopolitical tensions and help CISOs navigate the current state of federal cybersecurity initiatives.

Register

Join the summit to explore critical threats to public cloud infrastructure, APIs, and identity systems through discussions, case studies, and insights into emerging technologies like AI and LLMs.

Register

Upcoming Cybersecurity Events

The AI Risk Summit brings together security and risk management executives, AI researchers, policy makers, software developers and influential business and government stakeholders. [August 19-20, 2025 | Ritz-Carlton, Half Moon Bay]

Learn More

SecurityWeek’s CISO Forum Summer Summit & Golf Classic will take place August 19-20 at the Ritz-Carlton, Half Moon Bay, CA. (www.cisoforum.com)

Learn More

The Threat Detection & Incident Response Summit delves into big-picture strategies to reduce attack surfaces, improve patch management, conduct post-incident forensics, and tools and tricks needed in a modern organization. [May 21, 2025 – Virtual]

Learn More

SecurityWeek’s Cloud and Data Security Summit returns with a deliberate focus on exposed attack surfaces and weaknesses in public cloud infrastructure and APIs. [July 16, 2025 – Virtual]

Learn More

Vulnerabilities

Cybercrime

MOSCOW - The last Soviet leader Mikhail Gorbachev was forced to deny rumors of his death after hackers planted a false report on Twitter accounts of a state news agency. "I'm alive and well," Gorbachev late Wednesday told the website of Novaya Gazeta newspaper, using a blanked-out Russian expletive to describe his ill-wishers who he said were "hoping in vain".

SAN FRANCISCO - Nintendo said Wednesday that it has filed a lawsuit against a US website with a business model built on hacking into the company's videogame hardware. Nintendo is suing HackYourConsole.com in federal court in the operation's home state of Florida.

Researchers from RSA have uncovered a new banking Trojan designed to steal information from machines running the Linux operating system.  Dubbed “Hand of Thief”, the Trojan is reportedly being sold in closed cybercrime communities for $2,000 with free updates.

Most large organizations are not quite ready to accept the security implications of renting unknown machines from public cloud providers, but transforming data centers to private clouds is in full speed and showing no sign of slowing down. While private clouds are under the control of the corporate IT department, it does not mean that migrating a data center to a private cloud is free of security implications.

BeyondTrust has released a free tool designed to give organizations the ability to track and understand configuration changes and administrative activities for security and compliance reporting for Google Apps.

RIGA - Latvia agreed Tuesday to extradite a programmer to the United States to stand trial for his alleged role in a global cyber theft ring that broke into a million computers.

August is a special month for those of us who live in the San Francisco area, because it’s when the masses of geeks descend on Moscone Center for one of the biggest virtualization conferences in the world. Yes, I’m talking about VMworld.

Ambiguity often abounds when it comes to the security requirements contained in contracts with software-as-a-service [SaaS] vendors, but there are minimum steps users can take to get what they want, according to industry analyst firm Gartner Inc.

Home is where the hack is, at least when it came to this year's Black Hat security conference in Las Vegas. This week, researchers shined a light on how devices ranging from smart TVs to thermostats can be compromised by an attacker, and the increasing role IT security plays in the physical security of the home.

Event image poster

The leading global conference series for Operations, Control Systems and IT/OT Security professionals to connect on SCADA, DCS PLC and field controller cybersecurity.

Learn More

Application Security

Application Security

RevEng.ai has raised $4.15 million in seed funding for an AI platform that automatically detects malicious code and vulnerabilities in software.

Cloud Security

Cloud Security

Founded in 2015, the Tel Aviv based company has now raised more than $1 billion and claims more than 3,500 customers.

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest cybersecurity news, threats, and expert insights. Unsubscribe at any time.