Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

Latest Cybersecurity News

Rapid7 finds a new zero-day vulnerability in PostgreSQL and links it to chain of attacks against a BeyondTrust Remote Support product.

Poland is being targeted by various forms of cyberattacks and sabotage actions believed to be sponsored by Russia.

The Sarcoma ransomware group is threatening to leak data stolen from Taiwanese printed circuit board manufacturer Unimicron.

CyberArk acquires early stage Boston startup Zilla Security for $165M, expanding its identity security and IGA capabilities.

Millions of uninformed users have flocked to DeepSeek and share personal information without considering security or privacy risks.

A toolset associated with China-linked espionage intrusions was employed in a ransomware attack, likely by a single individual.

An analysis conducted by SecurityWeek shows that 405 cybersecurity-related mergers and acquisitions were announced in 2024.

Jscrambler has received a $5.2 million investment from Iberis Capital to accelerate innovation and research.

Palo Alto Networks has published 10 new security advisories, including one for a high-severity firewall authentication bypass vulnerability.

Threat actors are increasingly exploiting two old vulnerabilities in ThinkPHP and OwnCloud in their attacks.

Google has released a Chrome 133 update to address four high-severity vulnerabilities reported by external researchers.

People on the Move

The US arm of networking giant TP-Link has appointed Adam Robertson as Director of Information and Security.

Cyber exposure management firm Armis has promoted Alex Mosher to President.

Software giant Atlassian has named David Cross as its new CISO.

Dan Pagel has been named the new CEO of risk management and remediation firm Brinqa.

The City of Phoenix has promoted Mitch Kohlbecker to the role of Chief Information Security Officer.

More People On The Move
zero-day flaw zero-day flaw

Rapid7 finds a new zero-day vulnerability in PostgreSQL and links it to chain of attacks against a BeyondTrust Remote Support product.

Cybersecurity M&A 2024 Cybersecurity M&A 2024

An analysis conducted by SecurityWeek shows that 405 cybersecurity-related mergers and acquisitions were announced in 2024.

Seashell Blizzard Russia Seashell Blizzard Russia

A subgroup of the Russia-linked Seashell Blizzard is tasked with broad initial access operations to sustain long-term persistence.

Top Cybersecurity Headlines

The Microsoft Patch Tuesday machine hummed loudly this month with urgent fixes for a pair of already-exploited Windows zero-days.

Intel says roughly 100 of the 374 vulnerabilities it patched last year were firmware and hardware security defects.

Cupertino’s security response team said the flaw was used in “an extremely sophisticated attack against specific targeted individuals.” 

SecurityWeek Industry Experts

More Expert Insights

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Examine the state of cybersecurity in the context of quantum computing and artificial intelligence. Discuss the implications of the new White House administration’s cybersecurity policies and how they will influence the industry’s direction in 2025 and beyond.

Register

Dive into critical topics such as incident response, threat intelligence, and attack surface management. Learn how to align cyber resilience plans with business objectives to reduce potential impacts and secure your organization in an ever-evolving threat landscape.

Watch Now

Upcoming Cybersecurity Events

The AI Risk Summit brings together security and risk management executives, AI researchers, policy makers, software developers and influential business and government stakeholders. [June 2025, Stay Tuned]

Learn More

SecurityWeek’s CISO Forum Summer Summit & Golf Classic will take place June 25-26 at the Ritz-Carlton, Half Moon Bay, CA

Learn More

SecurityWeek’s Ransomware Resilience and Recovery Summit helps businesses to plan, prepare, and recover from a ransomware incident.(February 26, 2025)

Learn More

Supply Chain Security Summit
Join us as we explore the critical nature of software and vendor supply chain security issues with a focus on understanding how attacks against identity infrastructure come with major cascading effects. (March 19, 2025)

Learn More

Vulnerabilities

Cybercrime

Application Delivery Networking provider Blue Coat Systems, Inc. (Nasdaq: BCSI), this week announced the release of a software plug-in that will allows enterprises running its PackerShaper appliances to discover, monitor, assess and control Apple software updates.

A former senior database administrator for GEXA Energy in Houston was sentenced today to 12 months in prison for hacking into his former employer's computer network.Steven Jinwoo Kim, 40, of Houston pleaded guilty on Nov. 16, 2009, to one count of intentionally accessing a protected computer without authorization and recklessly causing damage. Kim was also ordered to pay $100,000 in restitution to GEXA Energy and to serve three years of supervised release following his prison term.

World Cup fans continue to be prime targets for cybercriminals this summer with new mobile viruses targeting smart-phone users looking for the latest news and content surrounding the international soccer tournament being held in South Africa this year.

The number of spam messages approached 6 billion for the month of January and never dipped below 3.5 billion during the past six months, according to SaaS e-mail and web security provider AppRiver’s mid-year Threat and Spamscape report.

The third installment of the "Twilight" franchise, “Eclipse,” which premiered this week, is breaking records for a midnight opening and fans are searching in the masses for any details about the film they can find online. Cyber criminals know this and have already "poisoned" common search results hoping to gain access to people's computers and infect them with malware.

Event image poster

The leading global conference series for Operations, Control Systems and IT/OT Security professionals to connect on SCADA, DCS PLC and field controller cybersecurity.

Learn More

Application Security

Application Security

San Francisco application security startup raises $100 million in a Series D funding round led by Menlo Ventures. 

Cloud Security

Application Security

APIs are easy to develop, simple to implement, and frequently attacked. They are  prime and lucrative targets for cybercriminals. 

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest cybersecurity news, threats, and expert insights. Unsubscribe at any time.