Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

Latest Cybersecurity News

Researchers identify a previously unknown ClickFix variant exploiting PowerShell and clipboard hijacking to deliver the Lumma infostealer via a compromised travel site.

GreyNoise warns of a spike in exploitation attempts targeting a two-year-old vulnerability in Zyxel firewalls.

Google is warning insurance companies that Scattered Spider appears to have shifted its focus from the retail sector. 

Cloud security startup Circumvent has raised $6 million to develop a network of agents for autonomous prioritization and remediation.

CISA warns that a vulnerability impacting multiple discontinued TP-Link router models is exploited in the wild.

A high-severity authorization bypass vulnerability in Asus Armoury Crate provides attackers with low-level system privileges.

A critical Langflow vulnerability tracked as CVE-2025-3248 has been exploited to ensnare devices in the Flodrix botnet.

According to reports, the US Department of Justice will assess whether the deal would harm competition in the cybersecurity market.

The Archetyp Market drug marketplace has been targeted by law enforcement in an operation involving takedowns and arrests. 

Asheville Eye Associates says the personal information of 147,000 individuals was stolen in a November 2024 data breach.

The Indian car sharing marketplace Zoomcar learned that its systems were hacked after a threat actor contacted employees. 

People on the Move

Cloud security startup Upwind has appointed Rinki Sethi as Chief Security Officer.

SAP security firm SecurityBridge announced the appointment of Roman Schubiger as the company’s new CRO.

Cybersecurity training and simulations provider SimSpace has appointed Peter Lee as Chief Executive Officer.

Orchid Security has appointed a new Chief Product Officer and three advisors.

Kaseya has appointed Rania Succar as Chief Executive Officer.

More People On The Move
Google acquires Wiz Google acquires Wiz

According to reports, the US Department of Justice will assess whether the deal would harm competition in the cybersecurity market.

WestJet cyberattack WestJet cyberattack

A cybersecurity incident at WestJet resulted in users experiencing interruptions when accessing the company’s application and website.

Trump Cybersecurity Executive Order Trump Cybersecurity Executive Order

Industry professionals comment on the Trump administration’s new executive order on cybersecurity. 

Top Cybersecurity Headlines

Mitel has announced patches for a MiCollab path traversal vulnerability that can be exploited remotely without authentication.

AI-generated voice deepfakes have crossed the uncanny valley, fueling a surge in fraud that outpaces traditional security measures. Detection technology is racing to keep up.

The new attack technique uses smartwatches to capture ultrasonic covert communication in air-gapped environments and exfiltrate data.

SecurityWeek Industry Experts

More Expert Insights

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Learn how the LOtL threat landscape has evolved, why traditional endpoint hardening methods fall short, and how adaptive, user-aware approaches can reduce risk.

Register

Join the summit to explore critical threats to public cloud infrastructure, APIs, and identity systems through discussions, case studies, and insights into emerging technologies like AI and LLMs.

Register

Upcoming Cybersecurity Events

The AI Risk Summit brings together security and risk management executives, AI researchers, policy makers, software developers and influential business and government stakeholders. [August 19-20, 2025 | Ritz-Carlton, Half Moon Bay]

Learn More

SecurityWeek’s CISO Forum Summer Summit & Golf Classic will take place August 19-20 at the Ritz-Carlton, Half Moon Bay, CA. (www.cisoforum.com)

Learn More

The Threat Detection & Incident Response Summit delves into big-picture strategies to reduce attack surfaces, improve patch management, conduct post-incident forensics, and tools and tricks needed in a modern organization. [May 21, 2025 – Virtual]

Learn More

SecurityWeek’s Cloud and Data Security Summit returns with a deliberate focus on exposed attack surfaces and weaknesses in public cloud infrastructure and APIs. [July 16, 2025 – Virtual]

Learn More

Vulnerabilities

Cybercrime

Event image poster

The leading global conference series for Operations, Control Systems and IT/OT Security professionals to connect on SCADA, DCS PLC and field controller cybersecurity.

Learn More

Application Security

Application Security

Security researchers uncover critical flaws and widespread misconfigurations in Salesforce’s industry-specific CRM solutions.

Cloud Security

Cloud Security

Cloud security startup Circumvent has raised $6 million to develop a network of agents for autonomous prioritization and remediation.

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest cybersecurity news, threats, and expert insights. Unsubscribe at any time.