Tim Kosiba Named NSA Deputy Director 2026-01-09 at 17:34 By Mike Lennon Kosiba, a veteran of the Intelligence Community with over 30 years of federal service, returns to the agency as its most senior civilian leader. The post Tim Kosiba Named NSA Deputy Director appeared first on SecurityWeek. This article is an excerpt from SecurityWeek […]
Tim Kosiba Named NSA Deputy Director Read More »
CISA Closes 10 Emergency Directives as Vulnerability Catalog Takes Over 2026-01-09 at 15:44 By Ionut Arghire The Emergency Directives were retired because they achieved objectives or targeted vulnerabilities included in the KEV catalog. The post CISA Closes 10 Emergency Directives as Vulnerability Catalog Takes Over appeared first on SecurityWeek. This article is an excerpt from
CISA Closes 10 Emergency Directives as Vulnerability Catalog Takes Over Read More »
CrowdStrike to Buy Identity Security Firm SGNL for $740 Million in Cash 2026-01-08 at 17:56 By Mike Lennon The deal aims to bolster CrowdStrike’s Falcon platform with “continuous identity” protection to secure human and AI-driven access in real-time. The post CrowdStrike to Buy Identity Security Firm SGNL for $740 Million in Cash appeared first on
CrowdStrike to Buy Identity Security Firm SGNL for $740 Million in Cash Read More »
Researchers Expose WHILL Wheelchair Safety Risks via Remote Hacking 2026-01-08 at 14:45 By Eduard Kovacs CISA advisory warns that unauthenticated Bluetooth access in WHILL devices allows for unauthorized movement. The post Researchers Expose WHILL Wheelchair Safety Risks via Remote Hacking appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source
Researchers Expose WHILL Wheelchair Safety Risks via Remote Hacking Read More »
Critical HPE OneView Vulnerability Exploited in Attacks 2026-01-08 at 13:20 By Ionut Arghire The maximum-severity code injection flaw can be exploited without authentication for remote code execution. The post Critical HPE OneView Vulnerability Exploited in Attacks appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source
Critical HPE OneView Vulnerability Exploited in Attacks Read More »
Hackers Exploit Zero-Day in Discontinued D-Link Devices 2026-01-07 at 14:34 By Ionut Arghire The critical-severity vulnerability allows unauthenticated, remote attackers to execute arbitrary shell commands. The post Hackers Exploit Zero-Day in Discontinued D-Link Devices appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source
Hackers Exploit Zero-Day in Discontinued D-Link Devices Read More »
Researchers Trap Scattered Lapsus$ Hunters in Honeypot 2026-01-06 at 16:20 By Ionut Arghire Using fake accounts and synthetic data to lure the hackers, the researchers gathered information on their servers. The post Researchers Trap Scattered Lapsus$ Hunters in Honeypot appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source
Researchers Trap Scattered Lapsus$ Hunters in Honeypot Read More »
Researcher Spotlights WhatsApp Metadata Leak as Meta Begins Rolling Out Fixes 2026-01-05 at 14:18 By Eduard Kovacs WhatsApp device fingerprinting can be useful in the delivery of sophisticated spyware, but impact is very limited without a zero-day. The post Researcher Spotlights WhatsApp Metadata Leak as Meta Begins Rolling Out Fixes appeared first on SecurityWeek. This
Researcher Spotlights WhatsApp Metadata Leak as Meta Begins Rolling Out Fixes Read More »
Hacker Claims Theft of 40 Million Condé Nast Records After Wired Data Leak 2025-12-29 at 11:32 By Eduard Kovacs A hacker named Lovely made public 2.3 million records representing Wired subscriber information. The post Hacker Claims Theft of 40 Million Condé Nast Records After Wired Data Leak appeared first on SecurityWeek. This article is an
Hacker Claims Theft of 40 Million Condé Nast Records After Wired Data Leak Read More »
ServiceNow to Acquire Armis for $7.75 Billion in Cash 2025-12-23 at 16:36 By Eduard Kovacs Rumors of a possible buyout surfaced earlier this month, with the official announcement coming just weeks after Armis announced raising $435 million. The post ServiceNow to Acquire Armis for $7.75 Billion in Cash appeared first on SecurityWeek. This article is
ServiceNow to Acquire Armis for $7.75 Billion in Cash Read More »
3.5 Million Affected by University of Phoenix Data Breach 2025-12-23 at 09:41 By Eduard Kovacs The University of Phoenix is one of the many victims of the recent Oracle EBS hacking campaign attributed to the Cl0p ransomware group. The post 3.5 Million Affected by University of Phoenix Data Breach appeared first on SecurityWeek. This article
3.5 Million Affected by University of Phoenix Data Breach Read More »
WatchGuard Patches Firebox Zero-Day Exploited in the Wild 2025-12-22 at 15:09 By Ionut Arghire The critical-severity bug in the Fireware OS’s iked process leads to unauthenticated remote code execution. The post WatchGuard Patches Firebox Zero-Day Exploited in the Wild appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source
WatchGuard Patches Firebox Zero-Day Exploited in the Wild Read More »
In-the-Wild Exploitation of Fresh Fortinet Flaws Begins 2025-12-16 at 11:38 By Ionut Arghire Threat actors are exploiting the two critical authentication bypass vulnerabilities against FortiGate appliances. The post In-the-Wild Exploitation of Fresh Fortinet Flaws Begins appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source
In-the-Wild Exploitation of Fresh Fortinet Flaws Begins Read More »
Apple Patches Two Zero-Days Tied to Mysterious Exploited Chrome Flaw 2025-12-15 at 13:22 By Eduard Kovacs Apple has released macOS and iOS updates to patch two WebKit zero-days exploited in an “extremely sophisticated” attack. The post Apple Patches Two Zero-Days Tied to Mysterious Exploited Chrome Flaw appeared first on SecurityWeek. This article is an excerpt
Apple Patches Two Zero-Days Tied to Mysterious Exploited Chrome Flaw Read More »
Notepad++ Patches Updater Flaw After Reports of Traffic Hijacking 2025-12-12 at 12:53 By Eduard Kovacs Notepad++ found a vulnerability in the way the software updater authenticates update files. The post Notepad++ Patches Updater Flaw After Reports of Traffic Hijacking appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source
Notepad++ Patches Updater Flaw After Reports of Traffic Hijacking Read More »
Trump Signs Executive Order to Block State AI Regulations 2025-12-12 at 05:10 By Associated Press Members of Congress from both parties have pushed for more regulations on AI, saying there is not enough oversight for the powerful technology. The post Trump Signs Executive Order to Block State AI Regulations appeared first on SecurityWeek. This article
Trump Signs Executive Order to Block State AI Regulations Read More »
Google Patches Mysterious Chrome Zero-Day Exploited in the Wild 2025-12-11 at 09:49 By Eduard Kovacs The Chrome zero-day does not have a CVE and it’s unclear who reported it and which browser component it affects. The post Google Patches Mysterious Chrome Zero-Day Exploited in the Wild appeared first on SecurityWeek. This article is an excerpt
Google Patches Mysterious Chrome Zero-Day Exploited in the Wild Read More »
Intel, AMD Processors Affected by PCIe Vulnerabilities 2025-12-10 at 10:22 By Eduard Kovacs The PCIe flaws, found by Intel employees, can be exploited for information disclosure, escalation of privilege, or DoS. The post Intel, AMD Processors Affected by PCIe Vulnerabilities appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source
Intel, AMD Processors Affected by PCIe Vulnerabilities Read More »
Microsoft Patches 57 Vulnerabilities, Three Zero-Days 2025-12-10 at 00:44 By Ionut Arghire Microsoft has addressed a Windows vulnerability exploited as zero-day that allows attackers to obtain System privileges. The post Microsoft Patches 57 Vulnerabilities, Three Zero-Days appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source
Microsoft Patches 57 Vulnerabilities, Three Zero-Days Read More »
Exploitation of React2Shell Surges 2025-12-08 at 12:00 By Eduard Kovacs An increasing number of threat actors have been attempting to exploit the React vulnerability CVE-2025-55182 in their attacks. The post Exploitation of React2Shell Surges appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source
Exploitation of React2Shell Surges Read More »