The default HTTP/2 configuration of major web servers is vulnerable to an attack chain combining a compression bomb and a Slowloris-style hold.
Microsoft responds to backlash over its threats of legal action against researchers who publicly disclose zero-day vulnerabilities.
The order establishes a framework for the federal government to vet the national security risks of the most advanced AI systems for up to a month before their public release.
AI can help attackers generate malware, create malicious payloads, bypass simple security checks, and convert vague malicious intent into functional code.
CISOs are now facing machine-speed attacks and asking, “How do I agent?” The industry must provide remediation at scale.
As enterprises rush AI projects into production, security teams are increasingly being forced into reactive mode.
The organizations best prepared to face disruption are those that align security, continuity and risk management around what the business cannot afford to lose.
For AI data centers, where the stakes are the highest and performance constraints are the tightest, security and performance are no longer a zero-sum game.
Organizations are investing heavily in third-party risk management, but breaches, delays, and blind spots continue to persist. Join this live webinar as we examine the gap between how organizations think their third-party risk programs are performing and what’s actually happening in practice.
RegisterExplore how attackers are using AI to scale threats and how security teams can respond with AI-driven defenses. Protecting against unmonitored use of generative AI (Shadow AI) in business units and building and enforcing AI governance frameworks.
Register
SecurityWeek’s CISO Forum 2026 Mid-Year Review is a virtual roundtable to evaluate the year’s most pressing challenges and share critical updates shaping the 2026 security landscape.
[June 10, 2026 | Virtual]
SecurityWeek’s 2026 Cloud Security Summit will help organizations learn how to utilize tools, controls, and design models needed to properly secure cloud environments.
[July 15, 2026 | Virtual]
SecurityWeek’s AI Risk Summit is the leading conference where technology, security, and risk leaders converge with AI researchers, developers, and policy makers shaping the future of enterprise AI.
[August 11-12, 2026 | In-Person]
SecurityWeek’s CodeSecCon 2026 will bring together developers and cybersecurity professionals to revolutionize the way applications are built, secured, and maintained.
[August 19, 2026 | Virtual]
-
Threat actors are exploiting vulnerable Kirki and Burst Statistics deployments to elevate privileges and take over websites. (June 3, 2026)
-
An improper authentication bug allows attackers to escalate their privileges and escape containers. (June 3, 2026)
-
The default HTTP/2 configuration of major web servers is vulnerable to an attack chain combining a compression bomb and a Slowloris-style hold. (June 3, 2026)
-
Microsoft responds to backlash over its threats of legal action against researchers who publicly disclose zero-day vulnerabilities. (June 3, 2026)
-
AI can help attackers generate malware, create malicious payloads, bypass simple security checks, and convert vague malicious intent into functional code. (June 2, 2026)
-
Dashlane’s security systems automatically locked accounts to protect them against the hacking attempts. (June 2, 2026)
-
Dutch authorities seized command-and-control servers tied to a botnet of infected computers, smartphones, and tablets that was allegedly used to power a residential proxy… (June 1, 2026)
-
Noteworthy stories that might have slipped under the radar: Trump Mobile exposes customer data, phishers target the 2026 FIFA World Cup, CISA responds to… (May 29, 2026)
