Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

Latest Cybersecurity News

A bipartisan duo in the the U.S. House is proposing legislation to ban the Chinese artificial intelligence app DeepSeek from federal devices.

Zimperium warns that threat actors have stolen the information of tens of thousands of Android users in India using over 1,000 malicious applications.

Astra Security and Invary have received new funding to fuel development of their vulnerability scanning and runtime security solutions.

Spanish authorities have arrested an individual who allegedly hacked several high-profile organizations, including NATO and the US army.

Five Eyes cybersecurity agencies have released guidance on securing edge devices against increasing threats.

The blame of security incidents may be shared—but the burden of response always falls on the security team. Here’s how to prepare for the inevitable.

Critical vulnerabilities in Cisco Identity Services Engine could lead to elevation of privileges and  system configuration modifications.

Researchers see dozens of fake DeepSeek websites used for credential phishing, cryptocurrency theft, and scams.

7AI has launched an agentic security platform, which uses AI agents to handle repetitive tasks.

San Francisco application security startup raises $100 million in a Series D funding round led by Menlo Ventures. 

DeepSeek has computer code that could send some user login information to China Mobile.

People on the Move

Gigamon has promoted Tony Jarjoura to CFO and Ram Bhide has been hired as Senior VP of engineering.

Cloud security firm Mitiga has appointed Charlie Thomas as Chief Executive Officer.

Cynet announced the appointment of Jason Magee as Chief Executive Officer.

Ajay Garg has joined Saviynt as Chief Development Officer.

Penetration testing and offensive security firm Cobalt has named Gunter Ollmann as Chief Technology Officer.

More People On The Move
DeepSeek Ban DeepSeek Ban

A bipartisan duo in the the U.S. House is proposing legislation to ban the Chinese artificial intelligence app DeepSeek from federal devices.

Natohub hacker arrested Natohub hacker arrested

Spanish authorities have arrested an individual who allegedly hacked several high-profile organizations, including NATO and the US army.

David Kennedy David Kennedy

David Kennedy is a hacker. There is no doubt about that. He has qualities common among hackers, but also many differences.

Top Cybersecurity Headlines

Multiple Zyxel legacy DSL CPE products are affected by exploited zero-day vulnerabilities that will not be patched.

AMD has released patches for a microprocessor vulnerability found by Google that could allow an attacker to load malicious microcode.

The February 2025 Android patches resolve 46 vulnerabilities, including a Linux kernel bug that has been exploited in the wild.

SecurityWeek Industry Experts

More Expert Insights

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Examine the state of cybersecurity in the context of quantum computing and artificial intelligence. Discuss the implications of the new White House administration’s cybersecurity policies and how they will influence the industry’s direction in 2025 and beyond.

Register

Dive into critical topics such as incident response, threat intelligence, and attack surface management. Learn how to align cyber resilience plans with business objectives to reduce potential impacts and secure your organization in an ever-evolving threat landscape.

Watch Now

Upcoming Cybersecurity Events

The AI Risk Summit brings together security and risk management executives, AI researchers, policy makers, software developers and influential business and government stakeholders. [June 2025, Stay Tuned]

Learn More

SecurityWeek’s CISO Forum Summer Summit & Golf Classic will take place June 25-26 at the Ritz-Carlton, Half Moon Bay, CA

Learn More

SecurityWeek’s Ransomware Resilience and Recovery Summit helps businesses to plan, prepare, and recover from a ransomware incident.(February 26, 2025)

Learn More

Supply Chain Security Summit
Join us as we explore the critical nature of software and vendor supply chain security issues with a focus on understanding how attacks against identity infrastructure come with major cascading effects. (March 19, 2025)

Learn More

Vulnerabilities

Cybercrime

Implanting Easter Eggs is not Just a Developer’s Take at Humor. They Have the Potential to Double-act as Backdoors with a Devastating Effect.

AlgoSec, a company that provides firewall management solutions, recently released the results of a poll that examined the attitudes and opinions of 180 working IT and security professionals during the RSA Conference earlier this year. The results of the poll show that poor internal processes, practices, and threats pose the largest risk to a network. These problems, the respondents believe, are more of a concern than threats from malicious external sources.

Two technology trade associations, TechAmerica and USTelecom, and one of the world’s largest defense contractors, Boeing, had their web sites knocked offline by Anonymous for their support and connections to the controversial CISPA bill. They are the latest in a string of targets selected by those supporting Anonymous’ Operation Defense (OpDefense).

Researchers at Trusteer have spotted a new attack vector from Zeus that aligns perfectly with previous financially motivated targets. Based on the information collected and previous attacks, it appears as if the newer Zeus configurations will remain focused on the bigger fish.

On Tuesday, Adobe released a security bulletin to address multiple vulnerabilities in Adobe Reader X (10.1.2) and earlier versions for Windows and Macintosh, Adobe Reader 9.4.6 and earlier versions for Linux, and Adobe Acrobat X (10.1.2) and earlier versions for Windows and Macintosh. According to Adobe, exploitation of the vulnerabilities may allow an attacker to execute arbitrary code or cause a denial-of-service condition.

When it comes to letting someone go, very rare will you find a business leader who enjoys that part of the job. When you have to fire a network security administrator, not only is it a downer, it’s a risky proposition – unless you follow basic steps.

Microsoft patched 11 security vulnerabilities today, including a critical bug being targeted by attackers. Microsoft released a total of six security bulletins, including four rated ‘critical.’ The vulnerabilities exist across Microsoft Windows, Microsoft Office, Internet Explorer, Forefront United Access Gateway (UAG) and the .NET Framework.

Why doesn’t Everyone have Security Intelligence? One of the Reasons is Superstition.“Step on a crack, break your mother’s back.” Not just lyrics by Devo, but an actual superstition. While it’s mostly just practiced by kids who don’t yet know they’re nascent Parkour enthusiasts, you can observe adults today taking that extra half step occasionally to avoid lines in the sidewalk. You may even catch yourself doing it subconsciously.

Mocana MAP 2.0 Helps Secure Apps Running on iOS DevicesSmart device security firm Mocana, today introduced the latest version of its solution designed to help organizations add fine-grained security and usage policies around individual mobile apps with ease.

Controversial Domain Registrar Tightens Policy After Reports of Rogue Online Pharmacy LinksRegistrar Internet.bs has changed its domain name registration policy in light of reports criticizing its links to as many as one-third of the rogue pharmacies on the Internet.

On Friday, Palo Alto Networks, the network security firm that has made its mark developing next generation firewalls, filed an S-1 registration statement with the Securities and Exchange Commission for a widely-anticipated initial public offering.

Researchers at NQ Mobile, working alongside researchers at North Carolina State University, have discovered new Android malware that is controlled via SMS that can do a number of things on the compromised device including recording calls and surrounding noise.

Supports of Anonymous targeted the U.K. on Saturday, hitting the websites of the Home Office and the Ministry of Justice. While the attack only lasted a short time, Anonymous has said to expect more of the same as they push forward. Currently, the next target is said to be the GCHQ on April 14.

Event image poster

The leading global conference series for Operations, Control Systems and IT/OT Security professionals to connect on SCADA, DCS PLC and field controller cybersecurity.

Learn More

Application Security

Cloud Security

Application Security

APIs are easy to develop, simple to implement, and frequently attacked. They are  prime and lucrative targets for cybercriminals. 

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest cybersecurity news, threats, and expert insights. Unsubscribe at any time.