Featured

Cyber Insights 2026: External Attack Surface Management

Cyber Insights 2026: External Attack Surface Management 2026-01-13 at 20:08 By Kevin Townsend AI will assist companies in finding their external attack surface, but it will also assist bad actors in locating and attacking the weak points. The post Cyber Insights 2026: External Attack Surface Management appeared first on SecurityWeek. This article is an excerpt […]

Cyber Insights 2026: External Attack Surface Management Read More »

Cyber Fraud Overtakes Ransomware as Top CEO Concern: WEF 

Cyber Fraud Overtakes Ransomware as Top CEO Concern: WEF  2026-01-13 at 11:04 By Eduard Kovacs Ransomware remains the biggest concern for CISOs in 2026, according to WEF’s Global Cybersecurity Outlook 2026 report. The post Cyber Fraud Overtakes Ransomware as Top CEO Concern: WEF  appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View

Cyber Fraud Overtakes Ransomware as Top CEO Concern: WEF  Read More »

Cyber Insights 2026: What CISOs Can Expect in 2026 and Beyond

Cyber Insights 2026: What CISOs Can Expect in 2026 and Beyond 2026-01-12 at 17:29 By Kevin Townsend Here we examine the CISO Outlook for 2026, with the purpose of evaluating what is happening now and preparing leaders for what lies ahead in 2026 and beyond. The post Cyber Insights 2026: What CISOs Can Expect in

Cyber Insights 2026: What CISOs Can Expect in 2026 and Beyond Read More »

CISA Closes 10 Emergency Directives as Vulnerability Catalog Takes Over

CISA Closes 10 Emergency Directives as Vulnerability Catalog Takes Over 2026-01-09 at 15:44 By Ionut Arghire The Emergency Directives were retired because they achieved objectives or targeted vulnerabilities included in the KEV catalog. The post CISA Closes 10 Emergency Directives as Vulnerability Catalog Takes Over appeared first on SecurityWeek. This article is an excerpt from

CISA Closes 10 Emergency Directives as Vulnerability Catalog Takes Over Read More »

CrowdStrike to Buy Identity Security Firm SGNL for $740 Million in Cash

CrowdStrike to Buy Identity Security Firm SGNL for $740 Million in Cash 2026-01-08 at 17:56 By Mike Lennon The deal aims to bolster CrowdStrike’s Falcon platform with “continuous identity” protection to secure human and AI-driven access in real-time. The post CrowdStrike to Buy Identity Security Firm SGNL for $740 Million in Cash appeared first on

CrowdStrike to Buy Identity Security Firm SGNL for $740 Million in Cash Read More »

Researchers Expose WHILL Wheelchair Safety Risks via Remote Hacking

Researchers Expose WHILL Wheelchair Safety Risks via Remote Hacking 2026-01-08 at 14:45 By Eduard Kovacs CISA advisory warns that unauthenticated Bluetooth access in WHILL devices allows for unauthorized movement. The post Researchers Expose WHILL Wheelchair Safety Risks via Remote Hacking appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source

Researchers Expose WHILL Wheelchair Safety Risks via Remote Hacking Read More »

Critical HPE OneView Vulnerability Exploited in Attacks

Critical HPE OneView Vulnerability Exploited in Attacks 2026-01-08 at 13:20 By Ionut Arghire The maximum-severity code injection flaw can be exploited without authentication for remote code execution. The post Critical HPE OneView Vulnerability Exploited in Attacks appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source

Critical HPE OneView Vulnerability Exploited in Attacks Read More »

Hackers Exploit Zero-Day in Discontinued D-Link Devices

Hackers Exploit Zero-Day in Discontinued D-Link Devices 2026-01-07 at 14:34 By Ionut Arghire The critical-severity vulnerability allows unauthenticated, remote attackers to execute arbitrary shell commands. The post Hackers Exploit Zero-Day in Discontinued D-Link Devices appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source

Hackers Exploit Zero-Day in Discontinued D-Link Devices Read More »

Researchers Trap Scattered Lapsus$ Hunters in Honeypot

Researchers Trap Scattered Lapsus$ Hunters in Honeypot 2026-01-06 at 16:20 By Ionut Arghire Using fake accounts and synthetic data to lure the hackers, the researchers gathered information on their servers. The post Researchers Trap Scattered Lapsus$ Hunters in Honeypot appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source

Researchers Trap Scattered Lapsus$ Hunters in Honeypot Read More »

Researcher Spotlights WhatsApp Metadata Leak as Meta Begins Rolling Out Fixes

Researcher Spotlights WhatsApp Metadata Leak as Meta Begins Rolling Out Fixes 2026-01-05 at 14:18 By Eduard Kovacs WhatsApp device fingerprinting can be useful in the delivery of sophisticated spyware, but impact is very limited without a zero-day. The post Researcher Spotlights WhatsApp Metadata Leak as Meta Begins Rolling Out Fixes appeared first on SecurityWeek. This

Researcher Spotlights WhatsApp Metadata Leak as Meta Begins Rolling Out Fixes Read More »

Hacker Claims Theft of 40 Million Condé Nast Records After Wired Data Leak

Hacker Claims Theft of 40 Million Condé Nast Records After Wired Data Leak 2025-12-29 at 11:32 By Eduard Kovacs A hacker named Lovely made public 2.3 million records representing Wired subscriber information. The post Hacker Claims Theft of 40 Million Condé Nast Records After Wired Data Leak appeared first on SecurityWeek. This article is an

Hacker Claims Theft of 40 Million Condé Nast Records After Wired Data Leak Read More »

ServiceNow to Acquire Armis for $7.75 Billion in Cash

ServiceNow to Acquire Armis for $7.75 Billion in Cash 2025-12-23 at 16:36 By Eduard Kovacs Rumors of a possible buyout surfaced earlier this month, with the official announcement coming just weeks after Armis announced raising $435 million. The post ServiceNow to Acquire Armis for $7.75 Billion in Cash appeared first on SecurityWeek. This article is

ServiceNow to Acquire Armis for $7.75 Billion in Cash Read More »

3.5 Million Affected by University of Phoenix Data Breach

3.5 Million Affected by University of Phoenix Data Breach 2025-12-23 at 09:41 By Eduard Kovacs The University of Phoenix is one of the many victims of the recent Oracle EBS hacking campaign attributed to the Cl0p ransomware group. The post 3.5 Million Affected by University of Phoenix Data Breach appeared first on SecurityWeek. This article

3.5 Million Affected by University of Phoenix Data Breach Read More »

WatchGuard Patches Firebox Zero-Day Exploited in the Wild

WatchGuard Patches Firebox Zero-Day Exploited in the Wild 2025-12-22 at 15:09 By Ionut Arghire The critical-severity bug in the Fireware OS’s iked process leads to unauthenticated remote code execution. The post WatchGuard Patches Firebox Zero-Day Exploited in the Wild appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source

WatchGuard Patches Firebox Zero-Day Exploited in the Wild Read More »

In-the-Wild Exploitation of Fresh Fortinet Flaws Begins

In-the-Wild Exploitation of Fresh Fortinet Flaws Begins 2025-12-16 at 11:38 By Ionut Arghire Threat actors are exploiting the two critical authentication bypass vulnerabilities against FortiGate appliances. The post In-the-Wild Exploitation of Fresh Fortinet Flaws Begins appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source

In-the-Wild Exploitation of Fresh Fortinet Flaws Begins Read More »

Apple Patches Two Zero-Days Tied to Mysterious Exploited Chrome Flaw

Apple Patches Two Zero-Days Tied to Mysterious Exploited Chrome Flaw 2025-12-15 at 13:22 By Eduard Kovacs Apple has released macOS and iOS updates to patch two WebKit zero-days exploited in an “extremely sophisticated” attack. The post Apple Patches Two Zero-Days Tied to Mysterious Exploited Chrome Flaw appeared first on SecurityWeek. This article is an excerpt

Apple Patches Two Zero-Days Tied to Mysterious Exploited Chrome Flaw Read More »

Notepad++ Patches Updater Flaw After Reports of Traffic Hijacking

Notepad++ Patches Updater Flaw After Reports of Traffic Hijacking 2025-12-12 at 12:53 By Eduard Kovacs Notepad++ found a vulnerability in the way the software updater authenticates update files.  The post Notepad++ Patches Updater Flaw After Reports of Traffic Hijacking appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source

Notepad++ Patches Updater Flaw After Reports of Traffic Hijacking Read More »

Trump Signs Executive Order to Block State AI Regulations

Trump Signs Executive Order to Block State AI Regulations 2025-12-12 at 05:10 By Associated Press Members of Congress from both parties have pushed for more regulations on AI, saying there is not enough oversight for the powerful technology. The post Trump Signs Executive Order to Block State AI Regulations appeared first on SecurityWeek. This article

Trump Signs Executive Order to Block State AI Regulations Read More »

Google Patches Mysterious Chrome Zero-Day Exploited in the Wild

Google Patches Mysterious Chrome Zero-Day Exploited in the Wild 2025-12-11 at 09:49 By Eduard Kovacs The Chrome zero-day does not have a CVE and it’s unclear who reported it and which browser component it affects. The post Google Patches Mysterious Chrome Zero-Day Exploited in the Wild appeared first on SecurityWeek. This article is an excerpt

Google Patches Mysterious Chrome Zero-Day Exploited in the Wild Read More »

Scroll to Top