Login
WideField will accelerate Agentic SOC capabilities by expanding the lens on threat investigation to include identity, credentials, sessions, and blast radius.
The post Cisco to Acquire WideField Security to Boost Splunkβs Agentic SOC appeared first on SecurityWeek.
Law enforcement and private partners took down 106 SocGholish C&C servers and domains as part of Operation Endgame.
The post 15,000 WordPress Websites Cleaned Up in SocGholish Botnet TakedownΒ appeared first on SecurityWeek.
CISA has given federal agencies only three days to patch CVE-2026-20253, which can be exploited for unauthenticated remote code execution.
The post Splunk Enterprise Vulnerability Exploited in Attacks Days After Disclosure appeared first on SecurityWeek.
These servers are regularly targeted by China-linked UNC6508 for initial access and backdoor deployment.
The post Majority of Internet-Accessible REDCap Servers Outdated appeared first on SecurityWeek.
The deal values industrial cybersecurity giant Dragos at $3.25 billion, and runZero and NetRise will operate under Dragos.
The post Accenture to Acquire Majority Stake in Dragos, All of runZero, NetRise in $4.1 Billion OT Cybersecurity Push appeared first on SecurityWeek.
Four decades of incident response experience suggest that exploits are often the symptom, not the root cause, of todayβs cybersecurity failures.
The post No Exploits Required appeared first on SecurityWeek.
The Israeli startup provides sovereign AI and cyber defenses for governments and critical infrastructure.
The post Dream Raises $260 Million at $3 Billion Valuation appeared first on SecurityWeek.
Splunk patched an OS command injection in AI Toolkit, while Atlassian fixed dozens of flaws in third-party dependencies.
The post Atlassian, Splunk Patch Critical Vulnerabilities appeared first on SecurityWeek.
The Android malware allows its operators to take control of infected devices and harvest sensitive information.
The post Rokarolla Banking Trojan Targets 200 Applications appeared first on SecurityWeek.
Insufficient validation of user input allows an attacker to gain access to the underlying OS and elevate their privileges to root.
The post Critical Command Execution Vulnerability Patched in Cisco ISE appeared first on SecurityWeek.
Critical flaws in NGINX could allow remote, unauthenticated attackers to cause a restart and potentially execute arbitrary code.
The post F5 Patches Critical, High-Severity NGINX Vulnerabilities appeared first on SecurityWeek.
Israel-based Entro specializes in non-human identity and credential security solutions, and it will enable SailPoint to enhance its products.
The post SailPoint to Acquire Entro in Reported $200 Million Deal appeared first on SecurityWeek.
Kodak told SecurityWeek it believes there is no threat to its systems or operations as a result of the cybersecurity incident.
The post Kodak Admits Data Breach After ShinyHunters Hack Claims appeared first on SecurityWeek.
Attendees will learn how attackers evade conventional detection methods, why legacy MFA alone is no longer sufficient, and how organizations can strengthen their defenses.
The post Webinar Today: How Modern Breaches Bypass MFA and Evade Detection appeared first on SecurityWeek.
Apono specializes in just-in-time access governance technology for humans, machines, and AI agents.
The post 1Password Acquires Apono in Reported $250M-$300M Deal appeared first on SecurityWeek.
Tenet aims to detect and stop dangerous AI agentic behavior in real time.
The post Tenet Security Emerges From Stealth With $6 Million Seed Funding appeared first on SecurityWeek.
The industrial automation giant has fixed security holes in Logix, CompactLogix, Flex, RSLinx, and FactoryTalk products.
The post Rockwell Automation Patches Vulnerabilities in ICS Controllers and Software appeared first on SecurityWeek.
The attackers deployed a new Go-based backdoor that uses Microsoft Teams servers for command-and-control.
The post Microsoft Teams Relay Servers Abused in DragonForce Ransomware Attack appeared first on SecurityWeek.
The public PoC code exploits a race condition in Microsoft Defender to spawn a command prompt with System privileges.
The post Microsoft Working on Patch for βRoguePlanetβ Zero-Day appeared first on SecurityWeek.
Oracle has released its June 2026 Critical Security Patch Update to fix vulnerabilities in Communications, EBS, Enterprise Manager and other products.
The post Oracleβs Second Monthly Security Updates Deliver 245 PatchesΒ appeared first on SecurityWeek.
The browser updates address multiple memory safety bugs that could potentially lead to remote code execution.
The post Chrome and Firefox Updated to Patch Critical, High-Severity Vulnerabilities appeared first on SecurityWeek.
The flaws allow attackers to execute arbitrary PHP code and gain root privileges on shared hosting servers.
The post Joomla, LiteSpeed Vulnerabilities Exploited in Attacks appeared first on SecurityWeek.
SOCRadar has detected 30,000 compromised Fortinet firewalls that expose networks to hacking.Β
The post 3 Recently Patched Fortinet FortiSandbox Vulnerabilities in Hacker Crosshairs appeared first on SecurityWeek.
The digital health company said it learned of the breach on June 8 and the attackers demanded a ransom.
The post iRhythm Confirms Data Stolen in Hack appeared first on SecurityWeek.
From building LED bulbs to graduating college and buying a house with money earned from bug bounties.
The post Hacker Conversations: Isira Adithya, the Evolution of an Ethical Hacker appeared first on SecurityWeek.
The company is enhancing third-party risk management (TPRM) through autonomous AI agents.
The post Magnitude Emerges From Stealth Mode With $10 Million in Funding appeared first on SecurityWeek.
From defending networks to enabling attacks, artificial intelligence is changing every aspect of cybersecurity. Here's what dozens of experts say security leaders need to understand now.
The post AI and Cybersecurity β Everything You Wanted to Know, But Were Afraid to Ask appeared first on SecurityWeek.
Ent has developed an intent-aware platform designed to interpret user and agent behavior before risky actions are carried out.
The post Endpoint Security Startup Ent Emerges From Stealth With $100 Million Seed Round appeared first on SecurityWeek.
The hack-and-leak group FulcrumSec claims to have stolen 1.3TB of data from the pharmaceutical giant.
The post Cybercrime Group Claims Novo Nordisk Hack appeared first on SecurityWeek.
By continuously analyzing security, infrastructure, and governance data, TrustCloud aims to give CISOs a real-time view of application risk and board-ready assurance.
The post Can CISOs Trust Their Applications? TrustCloud Wants to Replace the Questionnaire appeared first on SecurityWeek.
California Water Service says there is no indication of operational disruptions to its water and wastewater systems.Β
The post Cal Water Investigating Iranian Hackersβ Claims appeared first on SecurityWeek.
NSPM-12 establishes a clear structure for NSS cybersecurity governance and accountability and reestablishes CNSS.
The post White House Issues Memo to Bolster NSS Cybersecurity appeared first on SecurityWeek.
Arch Linux suspended account registrations in response to the wave of malicious packages being uploaded to AUR.
The post Atomic Arch Supply Chain Attack Hits 1,500 AUR Packages appeared first on SecurityWeek.
A group of cybersecurity executives and experts is asking the Trump administration to lift its directive preventing the use of Anthropicβs latest artificial intelligence models by foreign nationals.
The post Cybersecurity Executives Urge the Trump Administration to Ease Restrictions on Anthropic AI Models appeared first on SecurityWeek.
Over two dozen organizations built a shared platform to triage vulnerabilities, fix them, and secure the software before patches arrive.
The post Tech Coalition βAthenaβ Targets OSS Vulnerabilities Ahead of Disclosure appeared first on SecurityWeek.
Cisco recently became aware of the exploitation of CVE-2026-20262, a Catalyst SD-WAN Manager zero-day that allows arbitrary file write.
The post Cisco Patches Another SD-WAN Zero-Day Exploited in Attacks appeared first on SecurityWeek.
Mackay Sugar was targeted in a cyberattack carried out by a threat group known as The Gentlemen.
The post Ransomware Attack Shuts Down Mills of Australiaβs Second-Largest Sugar Producer appeared first on SecurityWeek.
Googleβs Threat Intelligence Group has been tracking the cyberespionage group as UNC6508 since early 2025.
The post Chinese Hackers Target Medical, Military, and AI Research in North America appeared first on SecurityWeek.
The startup has built a security-first identity platform to protect humans, machines, and AI agents.
The post NewCore Emerges From Stealth Mode With $66 Million in Funding appeared first on SecurityWeek.
Oleksii Oleksiyovych Lytvynenko admitted to working on the development of a loader for the Conti gang.
The post Ukrainian Man Pleads Guilty in US to Conti Ransomware Charges appeared first on SecurityWeek.
The pharmaceutical giant says the attackers gained access to personal data stored on the compromised systems.Β
The post Ozempic Maker Novo Nordisk Says Hackers Breached IT Systems appeared first on SecurityWeek.
French officials say roughly 73,000 government accounts were affected, while the threat actor claims to have stolen messages and user data from the sovereign Tchap platform.
The post French Government Messaging Platform Breached by Mysterious βMisereβ Hacker appeared first on SecurityWeek.
The extortion group threatens to leak 297 GB of data allegedly stolen from the Council of Europe, including employee personal information.
The post ShinyHunters Claims Council of Europe Hack appeared first on SecurityWeek.
The platform used more than 9,000 phishing sites, stealing nearly 4 million credit cards and causing roughly $1.9 billion in losses.
The post FBI, Google Dismantle βOutsider Enterpriseβ Phishing Service appeared first on SecurityWeek.
Someone posted fake VRChat and Discord data breach reports on the system, prompting the Maine AG to take action.
The post Maine Disables Data Breach Portal Due to Fake SubmissionsΒ appeared first on SecurityWeek.
By default, npm install will no longer execute scripts from dependencies, unless explicitly allowed.
The post NPM 12 Will Change Script Execution Behavior to Prevent Supply Chain Attacks appeared first on SecurityWeek.
Anthropic takes Fable 5 and Mythos 5 offline to comply with a directive from the Trump administration to prevent use by foreign nationals.
The post Anthropic Says It Has Taken Its Latest AI Models Offline to Comply With New Export Controls appeared first on SecurityWeek.
Other noteworthy stories that might have slipped under the radar: ICS device exposure remains flat as attack surface widens, Microsoft issues incident response playbook for AI, IBM and AT&T accused of hack cover-ups.
The post In Other News: Google Security Layoffs, AudiA6 Takedown, $400 Million Coupang Fine appeared first on SecurityWeek.
Industry professionals comment on various aspects of Fable 5, including dual-use capabilities, safeguards, and tiered access.
The post Industry Reactions to Claude Fable 5: Feedback Friday appeared first on SecurityWeek.
CyberLabRSS 