Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

Latest Cybersecurity News

The blame of security incidents may be shared—but the burden of response always falls on the security team. Here’s how to prepare for the inevitable.

Critical vulnerabilities in Cisco Identity Services Engine could lead to elevation of privileges and  system configuration modifications.

Researchers see dozens of fake DeepSeek websites used for credential phishing, cryptocurrency theft, and scams.

7AI has launched an agentic security platform, which uses AI agents to handle repetitive tasks.

San Francisco application security startup raises $100 million in a Series D funding round led by Menlo Ventures. 

DeepSeek has computer code that could send some user login information to China Mobile.

With each passing year, social engineering attacks are becoming bigger and bolder thanks to rapid advancements in artificial intelligence.

David Kennedy is a hacker. There is no doubt about that. He has qualities common among hackers, but also many differences.

Just as OT technology differs from IT technology, the threats, likely adversaries, and potential harm also differ.

A significant number of cybersecurity-related merger and acquisition (M&A) deals announced in January 2025. 

Riot has raised $30 million in Series B funding for a platform that helps employees improve their cybersecurity posture.

People on the Move

Cloud security firm Mitiga has appointed Charlie Thomas as Chief Executive Officer.

Cynet announced the appointment of Jason Magee as Chief Executive Officer.

Ajay Garg has joined Saviynt as Chief Development Officer.

Penetration testing and offensive security firm Cobalt has named Gunter Ollmann as Chief Technology Officer.

Data security company Cyberhaven has named Chris Bates as its Chief Security Officer.

More People On The Move
David Kennedy David Kennedy

David Kennedy is a hacker. There is no doubt about that. He has qualities common among hackers, but also many differences.

Exploited vulnerability Exploited vulnerability

Multiple Zyxel legacy DSL CPE products are affected by exploited zero-day vulnerabilities that will not be patched.

AMD CPU vulnerability AMD CPU vulnerability

AMD has released patches for a microprocessor vulnerability found by Google that could allow an attacker to load malicious microcode.

Top Cybersecurity Headlines

The February 2025 Android patches resolve 46 vulnerabilities, including a Linux kernel bug that has been exploited in the wild.

2025 is an important year – it is probably our last chance to start our migration to post quantum cryptography before we are all undone by cryptographically relevant quantum computers.

“Texas will not allow the Chinese Communist Party to infiltrate our state’s critical infrastructure through data-harvesting AI and social media apps,” Abbott said.

SecurityWeek Industry Experts

More Expert Insights

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Explore trends and technologies that will shape the future of cybersecurity. Discover strategies for vendor selection, integration to minimize redundancies, and maximizing ROI from your cybersecurity investments. Gain actionable insights to ensure your stack is ready for tomorrow’s challenges.

Register

Dive into critical topics such as incident response, threat intelligence, and attack surface management. Learn how to align cyber resilience plans with business objectives to reduce potential impacts and secure your organization in an ever-evolving threat landscape.

Register

Upcoming Cybersecurity Events

The AI Risk Summit brings together security and risk management executives, AI researchers, policy makers, software developers and influential business and government stakeholders. [June 2025, Stay Tuned]

Learn More

SecurityWeek’s CISO Forum Summer Summit & Golf Classic will take place June 25-26 at the Ritz-Carlton, Half Moon Bay, CA

Learn More

SecurityWeek’s Ransomware Resilience and Recovery Summit helps businesses to plan, prepare, and recover from a ransomware incident.(February 26, 2025)

Learn More

Supply Chain Security Summit
Join us as we explore the critical nature of software and vendor supply chain security issues with a focus on understanding how attacks against identity infrastructure come with major cascading effects. (March 19, 2025)

Learn More

Vulnerabilities

Cybercrime

Despite the fact that a majority of IT respondents say that their cloud deployments were successful, and have saved their respective organization's money, many still do not trust the cloud with sensitive or personal information. Moreover, some fear storing their data in the cloud due to concerns over government or legal action.

After suffering a breach last week that impacted some 250,000 accounts, Twitter is looking to bolster security by investing in two-factor authentication. The news comes by way of a job posting, where the micro-blogging site has asked security developers to come forward.

A document containing business data, including some personal details, from several regional U.S. financial firms was leaked by Anonymous earlier this week. On Tuesday, the Federal Reserve confirmed that one of their systems was breached, but would not directly link the breach to the data released by Anonymous’ OpLastResort.

SpeedTest.net, a free service that tests the performance of Broadband connections, was compromised and made to serve malware, according to security vendor Invincea. The situation has since been cleaned up. Details and pictures can be found here on Invincea's blog.

Google blacklisted the domain of netseer.com in response to a malware attack on the site, triggering a chain reaction that led to a number of high-traffic websites being flagged. This included sites such as ZDNet and The Guardian UK. According to NetSeer, the situation was resolved as of 9:30 a.m. PT.  The situation began when netseer.com was hacked and infected with malware. After the hack, Google added the domain to its list of sites affected by malware, and Chrome and...

Web security firm WhiteHat Security on Tuesday announced that it landed a $31 million round of funding led by JMI Equity, with additional investment from previous investor, Investor Growth Capital (IGC).

Ending weeks of rumors and speculation, Dell Inc. today said that it would be going private in a $24.4 billion deal that would put the company in the hands of founder and CEO Michael Dell and private equity firm Silver Lake.

WASHINGTON - The US Department of Energy on Monday confirmed it was the target of a cyber attack in January, which stole employee and contractor data, but said no classified data was compromised.

Two researchers have uncovered a new vulnerability in the Transport Layer Security (TLS) and Datagram TLS (DTLS) protocols that allow attackers to recover plaintext from a TLS/DTLS connection when CBC-mode encryption is used.

Following the recent launch of its highly anticipated BlackBerry 10 operating system and new handsets last week, BlackBerry on Monday announced that it has teamed up with security firm Trend Micro to help BlackBerry protect customers against malware and privacy risks coming through third-party applications.

You’d think news of a breach is bad, and that’s the end of the story. However Rafal Los, a security strategist with HP Software, sees things differently. Based on Twitter’s own statements, there’s a bit of an upside to the breach that targeted 250,000 accounts.

Oracle has released a Java update addressing 50 vulnerabilities, two weeks ahead of schedule. The company has faced an uphill security battle in the last year, finding itself pitted against researchers and criminals who have discovered hundreds of flaws.

Last week Google announced the details of the third iteration of Pwnium, Google’s contest where it gives cash to security researches who can demonstrate vulnerabilities in select Google applications.

Event image poster

The leading global conference series for Operations, Control Systems and IT/OT Security professionals to connect on SCADA, DCS PLC and field controller cybersecurity.

Learn More

Application Security

Application Security

San Francisco application security startup raises $100 million in a Series D funding round led by Menlo Ventures. 

Cloud Security

Application Security

APIs are easy to develop, simple to implement, and frequently attacked. They are  prime and lucrative targets for cybercriminals. 

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest cybersecurity news, threats, and expert insights. Unsubscribe at any time.