Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

Latest Cybersecurity News

The professional services giant says it contained the incident, remediated its source, and experienced no operational or service delivery impact.

Cisco says the threat actor behind the LapDogs campaign has expanded its SOHO router malware toolkit with LongLeash, DogLeash, and JarLeash backdoors.

Join the webinar as we break down why email-layer defenses alone can’t keep pace with the modern phishing ecosystem.

The “Rogue Agent” vulnerability could have enabled attackers to silently manipulate AI conversations, exfiltrate data, and compromise every Dialogflow CX agent within the same Google Cloud project.

Two newly disclosed critical vulnerabilities in Adobe ColdFusion and Langflow join two Joomla extension flaws in CISA’s Known Exploited Vulnerabilities catalog, with federal agencies given until July 10 to patch.

Researchers show how attackers can use a crafted public GitHub Issue to trick AI-powered workflows into exposing data from private repositories without authentication.

The alleged victim, believed to be a small Ohio county, reportedly paid the extortion group to prevent the public release of sensitive stolen data.

Attackers are exploiting the critical Gitea vulnerability CVE-2026-20896 to bypass authentication with a single HTTP header and access vulnerable repositories and secrets.

The audits are reportedly being spearheaded by CISA’s Attack Surface Evaluation team, a specialized unit tasked with conducting digital defense assessments and simulated hacking exercises.

Hackers are exploiting a recently patched critical vulnerability (CVE-2026-48282) in Adobe ColdFusion that carries a CVSS score of 10/10.

Researchers say the Iran-linked threat actor used an adaptable modular malware framework and compromised IT service providers to reach high-value targets in Israel.

Tarah Wheeler is CISO at TPO Group, a firm that provides cybersecurity consultancy for high-stakes organizations. But despite this elevated position, her journey was far from typical.

The 16-year-old Januscape flaw affects Linux’s KVM hypervisor, allowing attackers to escape virtual machines and potentially execute code on the underlying host.

Accenture Data Breach Accenture Data Breach

The professional services giant says it contained the incident, remediated its source, and experienced no operational or service delivery impact.

China APT China APT

Cisco says the threat actor behind the LapDogs campaign has expanded its SOHO router malware toolkit with LongLeash, DogLeash, and JarLeash backdoors.

CISA KEV CISA KEV

Two newly disclosed critical vulnerabilities in Adobe ColdFusion and Langflow join two Joomla extension flaws in CISA’s Known Exploited Vulnerabilities catalog, with federal agencies given until July 10 to patch.

Top Cybersecurity Headlines

Researchers say the Iran-linked threat actor used an adaptable modular malware framework and compromised IT service providers to reach high-value targets in Israel.

The 16-year-old Januscape flaw affects Linux’s KVM hypervisor, allowing attackers to escape virtual machines and potentially execute code on the underlying host.

The PolinRider campaign has compromised more than 100 legitimate open source packages and repositories to deliver a backdoor and information stealer to developers.

SecurityWeek Industry Experts

More Expert Insights

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Join this live webinar as we break down why email-layer defenses alone can’t keep pace with the modern phishing ecosystem, how agentic AI is changing the capacity equation for security teams, and more.

Register

This year’s summit will help organizations learn how to utilize tools, controls, and design models needed to properly secure cloud environments. Interact with leading solution providers and other end users facing similar challenges in securing a variety of cloud deployments.

Register

Upcoming Cybersecurity Events

Cloud Security Summit 2026

SecurityWeek’s 2026 Cloud Security Summit will help organizations learn how to utilize tools, controls, and design models needed to properly secure cloud environments.
[July 15, 2026 | Virtual]

Read More
AI Risk Summit: Aug 11-12, 2026 (In-Person)

SecurityWeek’s AI Risk Summit is the leading conference where technology, security, and risk leaders converge with AI researchers, developers, and policy makers shaping the future of enterprise AI.
[August 11-12, 2026 | In-Person]

Learn More
CodeSecCon 2026

SecurityWeek’s CodeSecCon 2026 will bring together developers and cybersecurity professionals to revolutionize the way applications are built, secured, and maintained.
[August 19, 2026 | Virtual]

Read More
Attack Surface Management Summit 2026

SecurityWeek’s 2026 Attack Surface Management Summit will evaluate how organizations can protect corporate assets and reduce their attack surface in a modern security program.
[September 16, 2026 | Virtual]

Read More

Vulnerabilities

Cybercrime

The results a study that examined Federal chief information officers’ (CIO) and chief information security officers’ (CISO) perceptions and usage experiences for CyberScope was released today.CyberScope is the new Federal Information Security Management Act’s (FISMA) online reporting created by the Obama administration to streamline the reporting process, enhance analysis, and reduce the $2.3 billion the federal government spends on compliance each year.

FBI's Most Wanted Cyber CriminalsLast week the FBI’s New York office made several arrests related to a large international cybercrime ring, and are seeking 17 others. Those arrested are charged with using hundreds of false-name bank accounts to receive more than $3 million from victimized accounts.

CSC today announced that it has acquired Vulnerability Research Labs (VRL), a privately held cyber threat intelligence firm based in Columbia, Maryland.

New Facility to Help Enable Development of Cybersecurity Solutions Science Applications International Corporation (SAIC) today announced the grand opening of its Cyber Innovation Center (CIC) along the I-95 corridor in Columbia, Maryland.

Event image poster

The leading global conference series for Operations, Control Systems and IT/OT Security professionals to connect on SCADA, DCS PLC and field controller cybersecurity.

Learn More

Cloud Security

Cloud Security

Hackers were seen making over 81 million login attempts originating from systems associated with hosting provider LSHIY.

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest cybersecurity news, threats, and expert insights. Unsubscribe at any time.