Millions of developers can now use the secure, production-ready images made by Docker.
The post Docker Makes 1,000 Hardened Images Free and Open Source appeared first on SecurityWeek.
Data from Chainalysis and Amazon offers a glimpse into North Koreaβs cyber activities surrounding cryptocurrency theft and fake IT workers.
The post North Koreaβs Digital Surge: $2B Stolen in Crypto as Amazon Blocks 1,800 Fake IT Workers appeared first on SecurityWeek.
ASRock, Asus, Gigabyte, and MSI motherboards are vulnerable to early-boot DMA attacks.
The post UEFI Vulnerability in Major Motherboards Enables Early-Boot Attacks appeared first on SecurityWeek.
The Italian company has raised nearly $200 million in 2025 for its widely used embedded cybersecurity platform.
The post IoT Security Firm Exein Raises β¬100 Million appeared first on SecurityWeek.
The critical zero-day is tracked as CVE-2025-20393 and it impacts Secure Email Gateway and Secure Email and Web Manager appliances.
The post China-Linked Hackers Exploiting Zero-Day in Cisco Security Gear appeared first on SecurityWeek.
The trucking industry group has released its 2026 Transportation Industry Cybersecurity Trends Report.
The post NMFTA Warns of Surge and Sophistication of Cyber-Enabled Cargo Theft appeared first on SecurityWeek.
LKQ said the personal information of thousands of individuals was compromised as a result of the hacker attack.
The post Auto Parts Giant LKQ Confirms Oracle EBS Breach appeared first on SecurityWeek.
The e-commerce and logistics company was targeted by the RansomHouse ransomware group in October.Β
The post 700,000 Records Compromised in Askul Ransomware Attack appeared first on SecurityWeek.
After years of exploiting zero-day and n-day vulnerabilities, Russian state-sponsored threat actors are shifting to misconfigured devices.
The post Amazon: Russian Hackers Now Favor Misconfigurations in Critical Infrastructure Attacks appeared first on SecurityWeek.
SoundCloud said the information of 20% of users was accessed by hackers who breached its systems.
The post User Data Compromised in SoundCloud HackΒ appeared first on SecurityWeek.
Google has also mentioned seeing React2Shell attacks conducted by Iranian threat actors.
The post Google Sees 5 Chinese Groups Exploiting React2Shell for Malware Delivery appeared first on SecurityWeek.
Apple has released macOS and iOS updates to patch two WebKit zero-days exploited in an βextremely sophisticatedβ attack.
The post Apple Patches Two Zero-Days Tied to Mysterious Exploited Chrome Flaw appeared first on SecurityWeek.
The Akira ransomware group took credit for the Fieldtex Products hack in November, claiming to have stolen 14 Gb of data.
The post Fieldtex Data Breach Impacts 238,000 appeared first on SecurityWeek.
Notepad++ found a vulnerability in the way the software updater authenticates update files.Β
The post Notepad++ Patches Updater Flaw After Reports of Traffic Hijacking appeared first on SecurityWeek.
Participants earned rewards at the hacking competition for Grafana, Linux Kernel, Redis, MariaDB, and PostgreSQL vulnerabilities.
The post $320,000 Paid Out at Zeroday.Cloud for Open Source Software Exploits appeared first on SecurityWeek.
Eleven companies took part in the evaluations and several have boasted 100% detection and coverage rates.
The post MITRE Posts Results of 2025 ATT&CK Enterprise Evaluations appeared first on SecurityWeek.
Security firms have seen cryptocurrency miners, Linux backdoors, botnet malware, and various post-exploitation implants in React2Shell attacks.
The post Wide Range of Malware Delivered in React2Shell Attacks appeared first on SecurityWeek.
The Chrome zero-day does not have a CVE and it's unclear who reported it and which browser component it affects.
The post Google Patches Mysterious Chrome Zero-Day Exploited in the Wild appeared first on SecurityWeek.
Over the past decade, overall funding in Israeli cybersecurity companies has increased by more than 500%, according to YL Ventures.Β
The post Israeli Cybersecurity Funding Hits $4.4 Billion Record High appeared first on SecurityWeek.
GeminiJack is a zero-click Gemini attack that could have been exploited using specially crafted emails, calendar invites, or documents.
The post Google Patches Gemini Enterprise Vulnerability Exposing Corporate DataΒ appeared first on SecurityWeek.
Login