Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

Latest Cybersecurity News

A bipartisan duo in the the U.S. House is proposing legislation to ban the Chinese artificial intelligence app DeepSeek from federal devices.

Zimperium warns that threat actors have stolen the information of tens of thousands of Android users in India using over 1,000 malicious applications.

Astra Security and Invary have received new funding to fuel development of their vulnerability scanning and runtime security solutions.

Spanish authorities have arrested an individual who allegedly hacked several high-profile organizations, including NATO and the US army.

Five Eyes cybersecurity agencies have released guidance on securing edge devices against increasing threats.

The blame of security incidents may be shared—but the burden of response always falls on the security team. Here’s how to prepare for the inevitable.

Critical vulnerabilities in Cisco Identity Services Engine could lead to elevation of privileges and  system configuration modifications.

Researchers see dozens of fake DeepSeek websites used for credential phishing, cryptocurrency theft, and scams.

7AI has launched an agentic security platform, which uses AI agents to handle repetitive tasks.

San Francisco application security startup raises $100 million in a Series D funding round led by Menlo Ventures. 

DeepSeek has computer code that could send some user login information to China Mobile.

People on the Move

Gigamon has promoted Tony Jarjoura to CFO and Ram Bhide has been hired as Senior VP of engineering.

Cloud security firm Mitiga has appointed Charlie Thomas as Chief Executive Officer.

Cynet announced the appointment of Jason Magee as Chief Executive Officer.

Ajay Garg has joined Saviynt as Chief Development Officer.

Penetration testing and offensive security firm Cobalt has named Gunter Ollmann as Chief Technology Officer.

More People On The Move
DeepSeek Ban DeepSeek Ban

A bipartisan duo in the the U.S. House is proposing legislation to ban the Chinese artificial intelligence app DeepSeek from federal devices.

Natohub hacker arrested Natohub hacker arrested

Spanish authorities have arrested an individual who allegedly hacked several high-profile organizations, including NATO and the US army.

David Kennedy David Kennedy

David Kennedy is a hacker. There is no doubt about that. He has qualities common among hackers, but also many differences.

Top Cybersecurity Headlines

Multiple Zyxel legacy DSL CPE products are affected by exploited zero-day vulnerabilities that will not be patched.

AMD has released patches for a microprocessor vulnerability found by Google that could allow an attacker to load malicious microcode.

The February 2025 Android patches resolve 46 vulnerabilities, including a Linux kernel bug that has been exploited in the wild.

SecurityWeek Industry Experts

More Expert Insights

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Examine the state of cybersecurity in the context of quantum computing and artificial intelligence. Discuss the implications of the new White House administration’s cybersecurity policies and how they will influence the industry’s direction in 2025 and beyond.

Register

Dive into critical topics such as incident response, threat intelligence, and attack surface management. Learn how to align cyber resilience plans with business objectives to reduce potential impacts and secure your organization in an ever-evolving threat landscape.

Watch Now

Upcoming Cybersecurity Events

The AI Risk Summit brings together security and risk management executives, AI researchers, policy makers, software developers and influential business and government stakeholders. [June 2025, Stay Tuned]

Learn More

SecurityWeek’s CISO Forum Summer Summit & Golf Classic will take place June 25-26 at the Ritz-Carlton, Half Moon Bay, CA

Learn More

SecurityWeek’s Ransomware Resilience and Recovery Summit helps businesses to plan, prepare, and recover from a ransomware incident.(February 26, 2025)

Learn More

Supply Chain Security Summit
Join us as we explore the critical nature of software and vendor supply chain security issues with a focus on understanding how attacks against identity infrastructure come with major cascading effects. (March 19, 2025)

Learn More

Vulnerabilities

Cybercrime

Arbor Networks has been analyzing some of the malware used to launch DDoS attacks, in order to help educate organizations on the nature of code used to create and manage the DDoS botnets.In a series of blog posts, Arbor Networks examines the operational abilities and design of the Armageddon, Khan, and PonyDOS botnets, or rather the malware that establishes them.

It isn’t often that after a data breach involving credit cards, that the public is also given a marker on the exact amount money lost by consumers as a result. Thanks to the FBI however, we now have a better understanding of what 60,000 stolen credit cards translates to financially, as this data was included in their investigation notes while working the Stratfor case.

Ford Testing Firmware Update Program, Encourages Customers to Have a Unique USB for Each Ford They OwnThis month, Ford is borrowing something from the software industry: updates. With a fleet of new cars using the sophisticated infotainment system they developed with Microsoft called SYNC, Ford has the need to update those vehicles—for both features and security reasons. But how do you update the software in thousands of cars?

Google showed a great deal of confidence ahead of the CanSecWest conference this year when it announced plans to offer up to $1 million in rewards for a successful exploit against its Chrome browser. The company even launched its own Pwnium contest.

The National Security Agency/Central Security Service officially opened its new "Georgia Cryptologic Center" this week. Celebrated with a ribbon-cutting ceremony on Monday, the new $286 million, 604,000 square foot complex will provide cryptologic professionals with the latest state-of-the-art tools to conduct signals intelligence operations, train the cryptologic workforce, and enable global communications.

After news of the FBI’s arrest of LulzSec’s leader Sabu became public, including the fact he was a cooperating witness in an ongoing criminal investigation, Panda Labs published a blog post titled “Where is the lulz now?” Not long after that post was made, AntiSec supporters attacked Panda Security, defacing more than 30 sub-domains used by the company.

Defending Against Insider Threats in SCADA Environments Using Context and Correlation[Read Previous Column: "SCADA Mischief Episode 1: A Picture is Worth a Thousand Worms" Before Reading This Column]

Defending Against DDoS Attacks: Do You Have an Action Plan in Place?In my career I have been asked how to respond to a DDoS attack. What do you do? Who do you call? Ghost Busters? What are the options?

Trustwave, a provider of cloud-based compliance and information security solutions, today announced that it has signed a definitive agreement to acquire Irvine, California-based M86 Security, a provider of Web security and anti-malware solutions.

Event image poster

The leading global conference series for Operations, Control Systems and IT/OT Security professionals to connect on SCADA, DCS PLC and field controller cybersecurity.

Learn More

Application Security

Cloud Security

Application Security

APIs are easy to develop, simple to implement, and frequently attacked. They are  prime and lucrative targets for cybercriminals. 

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest cybersecurity news, threats, and expert insights. Unsubscribe at any time.