Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

Latest Cybersecurity News

Once a notorious blackhat hacker, McGraw shares his journey from high school hacking and prison to redemption as a cybersecurity advocate.

Significant cybersecurity M&A deals announced by 1Password, Accenture, Cisco, F5, Rubrik, and SailPoint.

Unauthenticated attackers could obtain the broker’s confidential OAuth client secret, allowing them to take control of the broker.

The flaw results in malicious code embedded in crafted emails being executed when the emails are opened.

The move targeted people and entities accused of links to an online spying network that the EU claims targeted governments and carried out sabotage operations against critical infrastructure.

Threat actors have been targeting Balbooa Forms and iCagenda Joomla extension flaws for remote code execution.

The company notified customers to manually shut down their servers while it is investigating a credible threat.

The WorldLeaks extortion group claimed to have stolen 720 GB of data from the healthcare testing and laboratory services provider.

Multiple campaigns are using ghost accounts to map GitHub organizations, including their repositories and members.

Other noteworthy stories that might have slipped under the radar: Abnormal AI sued by Anthropic, AssuranceAmerica data breach affects 7 million people, NSA brings back TAO.

Angelo Martino, a former ransomware negotiator, was sentenced to 70 months for helping the BlackCat/Alphv group.

Both foes and allies have targeted the Balochistan Police force in Pakistan for at least two years, according to SentinelOne.

The attackers call victims to direct them to phishing websites mirroring Microsoft Entra ID login pages.

2026 cybersecurity M&A 2026 cybersecurity M&A

Significant cybersecurity M&A deals announced by 1Password, Accenture, Cisco, F5, Rubrik, and SailPoint.

Vulnerability Vulnerability

Unauthenticated attackers could obtain the broker’s confidential OAuth client secret, allowing them to take control of the broker.

Healthcare data breach Healthcare data breach

The WorldLeaks extortion group claimed to have stolen 720 GB of data from the healthcare testing and laboratory services provider.

Top Cybersecurity Headlines

Both foes and allies have targeted the Balochistan Police force in Pakistan for at least two years, according to SentinelOne.

The attackers call victims to direct them to phishing websites mirroring Microsoft Entra ID login pages.

Researchers demonstrate adversarial hallucination squatting against popular AI assistants to achieve remote code execution.

SecurityWeek Industry Experts

More Expert Insights

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Join this live webinar as we break down why email-layer defenses alone can’t keep pace with the modern phishing ecosystem, how agentic AI is changing the capacity equation for security teams, and more.

Register

This year’s summit will help organizations learn how to utilize tools, controls, and design models needed to properly secure cloud environments. Interact with leading solution providers and other end users facing similar challenges in securing a variety of cloud deployments.

Register

Upcoming Cybersecurity Events

Cloud Security Summit 2026

SecurityWeek’s 2026 Cloud Security Summit will help organizations learn how to utilize tools, controls, and design models needed to properly secure cloud environments.
[July 15, 2026 | Virtual]

Read More
AI Risk Summit: Aug 11-12, 2026 (In-Person)

SecurityWeek’s AI Risk Summit is the leading conference where technology, security, and risk leaders converge with AI researchers, developers, and policy makers shaping the future of enterprise AI.
[August 11-12, 2026 | In-Person]

Learn More
CodeSecCon 2026

SecurityWeek’s CodeSecCon 2026 will bring together developers and cybersecurity professionals to revolutionize the way applications are built, secured, and maintained.
[August 19, 2026 | Virtual]

Read More
Attack Surface Management Summit 2026

SecurityWeek’s 2026 Attack Surface Management Summit will evaluate how organizations can protect corporate assets and reduce their attack surface in a modern security program.
[September 16, 2026 | Virtual]

Read More

Vulnerabilities

Cybercrime

LockPath, an Overland Park, Kansas-based provider of governance, risk management and compliance (GRC) solutions, this week launched version 3.0 of its Keylight platform, an update that brings improved reporting features and new content integration capabilities, as well as advanced assessment tools.

The Xtreme RAT malware, which has been at the center of several reports of cyber attacks on Israel has expanded, researchers have discovered. This news follows a recent report from Norman ASA, who reported that the attack campaign has been going on now for more than a year.

Romania-based anti-virus firm BitDefender conducted a controlled test on Windows 8, in order to determine how strong the basic defenses were, and attempted to infect the new OS with some of the most common malware on the Web. When all was said and done, Redmond’s latest creation was found to be just as vulnerable to common malware as Windows 7, despite the compensating controls being pitched by the company.

Researchers from the Georgia Tech Information Security Center (GTISC) and the Georgia Tech Research Institute (GTRI), released their 2013 cyber-threat forecast on Wednesday. The report examines what they think will be the most serious issues online in the next twelve months. The face of cybersecurity has changed over the last year, the report says, as attackers have aligned with national agendas, and taken aim at businesses and governments alike.

WASHINGTON - A US commission on Wednesday urged lawmakers to consider tighter rules on investment by Chinese state-owned firms, warning that they may pose economic as well as security risks. In an annual report to Congress, the US-China Economic and Security Review Commission also called for efforts to bring China into arms reduction talks due to Beijing's growing expenditure on opaque weapons programs.

BELIZE CITY - Prime Minister Dean Barrow on Wednesday urged anti-virus software pioneer John McAfee, wanted for questioning in the murder of a neighbor, to turn himself in to Belizean authorities. McAfee, 67, told CNBC television Tuesday that he was moving every four hours to avoid police who want to question him about the murder of fellow American Gregory Faull, a Florida native who was found dead at his home in a pool of blood.

Adobe Confirms Breach on Connectusers.com –  Site Taken OfflineAdobe has confirmed claims made by an Egyptian hacker that a database behind Connectusers.com was breached. The company is still investigating, but cached copies of the forum’s source code show a possible explanation as to the cause – outdated forum software.

Tibetan activists are being targeted by a new variant of the Imuler (Revir) Trojan that was originally discovered in September. The attack is launched via email, and uses images of other pro-Tibetan groups as bait in order to encourage the victim into opening files.

Event image poster

The leading global conference series for Operations, Control Systems and IT/OT Security professionals to connect on SCADA, DCS PLC and field controller cybersecurity.

Learn More

Cloud Security

Cloud Security

Hackers were seen making over 81 million login attempts originating from systems associated with hosting provider LSHIY.

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest cybersecurity news, threats, and expert insights. Unsubscribe at any time.