Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

Latest Cybersecurity News

Other noteworthy stories that might have slipped under the radar: Abnormal AI sued by Anthropic, AssuranceAmerica data breach affects 7 million people, NSA brings back TAO.

Angelo Martino, a former ransomware negotiator, was sentenced to 70 months for helping the BlackCat/Alphv group.

Both foes and allies have targeted the Balochistan Police force in Pakistan for at least two years, according to SentinelOne.

The attackers call victims to direct them to phishing websites mirroring Microsoft Entra ID login pages.

The backdoor’s destructive capabilities include a standalone wiper, ransomware encryption, and a multi-pass wiping command.

Researchers demonstrate adversarial hallucination squatting against popular AI assistants to achieve remote code execution.

A Go module is used to load PowerShell code that fetches a resolver from public dead drops to execute Windows malware.

The Israeli company has developed a cryptographic posture and post-quantum cryptography management platform.

Two announcements on July 7, 2026, demonstrate the government’s determination to improve the level of cybersecurity within the UK.

Buffer overflow, DoS, command injection, SSRF, authentication bypass, and other types of vulnerabilities have been found in PAN-OS software.

Hackers exploited a zero-day vulnerability in a third-party system to access a KDDI email system for ISPs.

Affecting every major distribution since 2011, the Linux kernel vulnerability allows attackers to gain root access.

The privilege escalation vulnerability tracked as CVE-2026-50656 has been patched with a Microsoft Malware Protection Engine update.

Vishing Vishing

The attackers call victims to direct them to phishing websites mirroring Microsoft Entra ID login pages.

AI hacking AI hacking

Researchers demonstrate adversarial hallucination squatting against popular AI assistants to achieve remote code execution.

Linux vulnerability Linux vulnerability

Affecting every major distribution since 2011, the Linux kernel vulnerability allows attackers to gain root access.

Top Cybersecurity Headlines

The privilege escalation vulnerability tracked as CVE-2026-50656 has been patched with a Microsoft Malware Protection Engine update.

Wiz has disclosed the details of a new AI coding assistant attack method it has dubbed GhostApproval.

The professional services giant says it contained the incident, remediated its source, and experienced no operational or service delivery impact.

SecurityWeek Industry Experts

More Expert Insights

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Join this live webinar as we break down why email-layer defenses alone can’t keep pace with the modern phishing ecosystem, how agentic AI is changing the capacity equation for security teams, and more.

Register

This year’s summit will help organizations learn how to utilize tools, controls, and design models needed to properly secure cloud environments. Interact with leading solution providers and other end users facing similar challenges in securing a variety of cloud deployments.

Register

Upcoming Cybersecurity Events

Cloud Security Summit 2026

SecurityWeek’s 2026 Cloud Security Summit will help organizations learn how to utilize tools, controls, and design models needed to properly secure cloud environments.
[July 15, 2026 | Virtual]

Read More
AI Risk Summit: Aug 11-12, 2026 (In-Person)

SecurityWeek’s AI Risk Summit is the leading conference where technology, security, and risk leaders converge with AI researchers, developers, and policy makers shaping the future of enterprise AI.
[August 11-12, 2026 | In-Person]

Learn More
CodeSecCon 2026

SecurityWeek’s CodeSecCon 2026 will bring together developers and cybersecurity professionals to revolutionize the way applications are built, secured, and maintained.
[August 19, 2026 | Virtual]

Read More
Attack Surface Management Summit 2026

SecurityWeek’s 2026 Attack Surface Management Summit will evaluate how organizations can protect corporate assets and reduce their attack surface in a modern security program.
[September 16, 2026 | Virtual]

Read More

Vulnerabilities

Cybercrime

Juniper Networks is planning a major expansion to its “India Excellence Center (IEC),” a research and development center in Bangalore, India. The company announced this week that it would add 750 seats and 450 equipment racks at a new site in Bangalore over the next two years. The company currently has 1,800 staff members and 300 development partners working at its existing campus in Bangalore. The new office will be located at Bangalore's new Prestige Exora Business Park and is...

Meeting Compliance is Overrated - Manage Risk! Efficient, Effective Risk Management is the Key to Ensuring the Possible Security Posture and, by Extension, Meeting ComplianceSecurity risks to your computer networks and systems are everywhere. Cybercriminals around the world are constantly targeting and probing enterprise networks, with the intent on penetrating them and committing their dirty deeds. What’s worse, these threats are continually evolving, complicating efforts to stay a step ahead.

A former Goldman Sachs programmer responsible for developing programs that power the firm's high-frequency trading systems – a key to millions in profits for the Wall Street giant - was found guilty last week by a jury in Manhattan federal court of one count of theft of trade secrets and one count of transportation of stolen property in interstate and foreign commerce.

Device Identification and Differentiated Access Reporting Enable Company and Privately Owned Devices to Securely Coexist in the EnterpriseAvenda Systems, a provider of network access security solutions, today announced new features within its eTIPS platform that enable customers to efficiently allow or deny the use of personal devices for workplace applications.

Boston based Vulnerability management and penetration testing solution provider Rapid7, announced this week that its signature products, Metasploit Pro™ and Metasploit Express™, have achieved Common Vulnerabilities and Exposures (CVE) compliance. CVE associates unique identifiers to security vulnerabilities and exposures to provide common names for publicly known problems.

After 2,686 days at Google, software engineer Brian Kennish has left the search giant to focus on “Disconnect,” an open source browser extension designed to stop third parties and search engines from tracking Web pages you visit and searches you do.

AccessData has announced the release of SilentRunner Mobile, a network forensics solution designed to deliver network surveillance and analysis with plug-and-play deployment capability. SilentRunner Mobile is targeted for use in law enforcement, government and corporate investigations, while allowing for distributed installation to facilitate ongoing cyber security monitoring and analysis.

RSA announced today that its SecurID Software Token will be available for Android smartphones, enabling users of the popular mobile operating system with secure, two-factor authentication to enterprise applications and resources using their Android powered device as an RSA SecurID authenticator.

After failing in its efforts to acquire storage provider 3PAR despite a $1.8 bid this past summer, Dell has made another move and has agreed to acquire Compellent Technologies, a provider of highly-virtualized storage solutions that help organizations manage and move data.

Genesco Inc, a specialty retailer of branded footwear and other products, today announced that the computer network that processes its payment card transactions in the United States has been hacked, in what the company is calling a “criminal intrusion.” Genesco operates more than 2,225 footwear and headwear retail stores in the United States, Puerto Rico and Canada, principally under the names Journeys, Journeys Kidz, Shi by Journeys, Underground Station, Johnston & Murphy, Hatworld, Lids, Lids Kids, Hat Shack, Hat Zone,...

Event image poster

The leading global conference series for Operations, Control Systems and IT/OT Security professionals to connect on SCADA, DCS PLC and field controller cybersecurity.

Learn More

Cloud Security

Cloud Security

Hackers were seen making over 81 million login attempts originating from systems associated with hosting provider LSHIY.

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest cybersecurity news, threats, and expert insights. Unsubscribe at any time.