Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

Latest Cybersecurity News

SonicWall SMA1000 zero-day vulnerabilities CVE-2026-15409 and CVE-2026-15410 can be exploited for remote code execution.

Two flaws in Active Directory and SharePoint Server have been exploited as zero-days, and a BitLocker bug was publicly disclosed.

The D1R cybercrime group claimed to have stolen valuable data from Synopsys and Bosch, threatening to leak it unless a ransom is paid. 

The ColdFusion security defects could allow attackers to execute arbitrary code or elevate their privileges.

The flaws can be exploited for authentication bypass, remote code execution, privilege escalation, and directory traversal.

A ClaudeBleed-linked vulnerability reportedly persists across eight patches, exposing potentially sensitive data to other extensions. 

The flaws could allow attackers to access and modify data, and cause system unavailability and request-response desynchronization.

Multiple state-sponsored APTs are compromising poorly secured devices across critical infrastructure sector networks.

UK-based cybersecurity firm Valarian has raised a total of $70 million for its ACRA technology.

A threat actor poisoned several Jscrambler NPM package versions to drop a cross-platform credential stealer.

A new CMMC review and reform task force will conduct a comprehensive review of the program.

Once a notorious blackhat hacker, McGraw shares his journey from high school hacking and prison to redemption as a cybersecurity advocate.

Significant cybersecurity M&A deals announced by 1Password, Accenture, Cisco, F5, Rubrik, and SailPoint.

Microsoft Patch Tuesday Microsoft Patch Tuesday

Two flaws in Active Directory and SharePoint Server have been exploited as zero-days, and a BitLocker bug was publicly disclosed.

Bosch hacking claims Bosch hacking claims

The D1R cybercrime group claimed to have stolen valuable data from Synopsys and Bosch, threatening to leak it unless a ransom is paid. 

Claude security Claude security

A ClaudeBleed-linked vulnerability reportedly persists across eight patches, exposing potentially sensitive data to other extensions. 

Top Cybersecurity Headlines

A new CMMC review and reform task force will conduct a comprehensive review of the program.

Once a notorious blackhat hacker, McGraw shares his journey from high school hacking and prison to redemption as a cybersecurity advocate.

Significant cybersecurity M&A deals announced by 1Password, Accenture, Cisco, F5, Rubrik, and SailPoint.

SecurityWeek Industry Experts

More Expert Insights

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Join this live webinar as we explore why exploitation is outpacing remediation, where risk is growing fastest, and what security leaders can do to close the gap before attackers take advantage.

Register

This year’s summit will help organizations learn how to utilize tools, controls, and design models needed to properly secure cloud environments. Interact with leading solution providers and other end users facing similar challenges in securing a variety of cloud deployments.

Register

Upcoming Cybersecurity Events

Cloud Security Summit 2026

SecurityWeek’s 2026 Cloud Security Summit will help organizations learn how to utilize tools, controls, and design models needed to properly secure cloud environments.
[July 15, 2026 | Virtual]

Read More
AI Risk Summit: Aug 11-12, 2026 (In-Person)

SecurityWeek’s AI Risk Summit is the leading conference where technology, security, and risk leaders converge with AI researchers, developers, and policy makers shaping the future of enterprise AI.
[August 11-12, 2026 | In-Person]

Learn More
CodeSecCon 2026

SecurityWeek’s CodeSecCon 2026 will bring together developers and cybersecurity professionals to revolutionize the way applications are built, secured, and maintained.
[August 19, 2026 | Virtual]

Read More
Attack Surface Management Summit 2026

SecurityWeek’s 2026 Attack Surface Management Summit will evaluate how organizations can protect corporate assets and reduce their attack surface in a modern security program.
[September 16, 2026 | Virtual]

Read More

Vulnerabilities

Cybercrime

GUATEMALA CITY - US Internet security guru John McAfee, on the run from authorities in Belize over a murder probe, was arrested by Guatemalan police Wednesday for illegally entering the country, officials said. "National police agents have taken Mr John David McAfee before immigration authorities... He has entered our country illegally," police spokesman Pablo Castillo told AFP.

Citrix Systems said on Wednesday that it would acquire mobile device management (MDM) firm Zenprise. According to an announcement, the firms have entered into a definitive agreement for Citrix to acquire Zenprise, after which Citrix would integrate the Zenprise solution for mobile device management with its Citrix CloudGateway and Me@Work solutions for managing mobile apps and data.

GUATEMALA CITY - US Internet security pioneer John McAfee requested political asylum in Guatemala, his lawyer said Wednesday, after fleeing Belize where he is wanted for questioning over his neighbor's murder.The former Silicon Valley entrepreneur, now a weathered 67-year-old, went on the run from his home on the Belizean paradise island of Ambergris Caye after neighbor Gregory Faull was murdered on November 11.

CipherCloud, a cloud information protection provider, this week announced that it has raised $30 million in funding from prominent VC firm Andreessen Horowitz. The company plans to use the cash infusion to continue developing its cloud information protection products and accelerate its global go-to-market strategy with expanded sales and marketing.

The Most Plunder-ful time of the Year: Protecting Your Family’s Financial Identity During the Online Shopping SeasonThe holiday season is a time of giving. But savvy security and technology professionals such as yourselves know, both during the holidays and year-round, that not all giving is good. Some things, namely company and personal information, are not to be given out generously.

Tenable Network Security announced upgrades to its unified security monitoring platform, SecurityCenter, on Tuesday. The most significant update to the product is added support for IPv6, as organizations with IPv6 already enabled, or those planning on future implementations, can benefit from the layered risk assessment and management tools offered.

ZURICH - A tax-dodging spat involving the Swiss bank UBS and Germany took a fresh twist after a Swiss daily reported on Tuesday that German authorities were using simple photos taken by a UBS worker of their computer screen. "The data was photographed from a (computer) screen and pieced together bit by bit," lawyer Jorg Schauf, representing a UBS client, told the Tages Anzeiger.

Majority of Attacks in 2012 Were Redirects from Legitimate Sites, 27 Percent of All Cybercrime Linked to ‘Blackhole’ Exploit KitEven though organizations are increasingly focusing on mobile devices and security, cyber-criminals still focused on traditional malware and Web-based attacks in 2012, Sophos found in its latest threat report.

Event image poster

The leading global conference series for Operations, Control Systems and IT/OT Security professionals to connect on SCADA, DCS PLC and field controller cybersecurity.

Learn More

Cloud Security

Cloud Security

Hackers were seen making over 81 million login attempts originating from systems associated with hosting provider LSHIY.

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest cybersecurity news, threats, and expert insights. Unsubscribe at any time.