Most of the 100 vulnerabilities resolved this week, including critical flaws, were in third-party dependencies.

The post IBM Patches Over 100 Vulnerabilities appeared first on SecurityWeek.

The Chrome zero-day does not have a CVE and it's unclear who reported it and which browser component it affects.

The post Google Patches Mysterious Chrome Zero-Day Exploited in the Wild appeared first on SecurityWeek.

Over the past decade, overall funding in Israeli cybersecurity companies has increased by more than 500%, according to YL Ventures. 

The post Israeli Cybersecurity Funding Hits $4.4 Billion Record High appeared first on SecurityWeek.

Join to access sessions aimed at educating, inspiring, and provoking new ways of thinking about the hype and promise surrounding AI-powered enterprise security solutions and the threats posed by adversarial use of AI.

The post Virtual Event Today: Cyber AI & Automation Summit appeared first on SecurityWeek.

Victoria Dubranova faces over 25 years in prison for links to Russia-backed CARR and NoName hacktivist groups.

The post US Indicts Extradited Ukrainian on Charges of Aiding Russian Hacking Groups appeared first on SecurityWeek.

GeminiJack is a zero-click Gemini attack that could have been exploited using specially crafted emails, calendar invites, or documents.

The post Google Patches Gemini Enterprise Vulnerability Exposing Corporate Data  appeared first on SecurityWeek.

The two security defects impact FortiOS, FortiWeb, FortiProxy, and FortiSwitchManager with FortiCloud SSO login authentication enabled.

The post Fortinet Patches Critical Authentication Bypass Vulnerabilities appeared first on SecurityWeek.

The XSS vulnerability could allow remote attackers to execute arbitrary JavaScript code with administrator privileges.

The post Ivanti EPM Update Patches Critical Remote Code Execution Flaw appeared first on SecurityWeek.

Affecting Solution Manager, Commerce Cloud, and jConnect SDK, the bugs could lead to code injection and remote code execution.

The post SAP Patches Critical Vulnerabilities With December 2025 Security Updates appeared first on SecurityWeek.

Dozens of vulnerabilities have been patched by the industrial giants across their products.

The post ICS Patch Tuesday: Vulnerabilities Fixed by Siemens, Rockwell, Schneider appeared first on SecurityWeek.

The PCIe flaws, found by Intel employees, can be exploited for information disclosure, escalation of privilege, or DoS.

The post Intel, AMD Processors Affected by PCIe Vulnerabilities appeared first on SecurityWeek.

Britain and its allies face escalating “hybrid threats … designed to weaken critical national infrastructure, undermine our interests and interfere in our democracies.”

The post UK Sanctions Russian and Chinese Firms Suspected of Being ‘Malign Actors’ in Information Warfare appeared first on SecurityWeek.

The Experience Manager security update resolves 117 vulnerabilities, including 116 identified as cross-site scripting (XSS) bugs.

The post Adobe Patches Nearly 140 Vulnerabilities appeared first on SecurityWeek.

Microsoft has addressed a Windows vulnerability exploited as zero-day that allows attackers to obtain System privileges.

The post Microsoft Patches 57 Vulnerabilities, Three Zero-Days appeared first on SecurityWeek.

Promotions across Microsoft’s security organization reinforce the company’s shift toward AI-driven defense and tighter operational oversight under Global CISO Igor Tsyganskiy.

The post Microsoft Names New Operating CISOs in Strategic Move to Strengthen Cyberdefense appeared first on SecurityWeek.

The AI-powered platform autonomously conducts security design reviews and proactively identifies design flaws across development work.

The post Prime Security Raises $20 Million to Build Agentic Security Architect appeared first on SecurityWeek.

Learn how GRC and SOC teams can turn shared threat intelligence into faster action, clearer communication, and stronger organizational resilience.

The post Webinar Today: Inside the First 72 hours of a Cyber Event appeared first on SecurityWeek.

North Korean threat actors are believed to be behind CVE-2025-55182 exploitation delivering EtherRAT.

The post React2Shell Attacks Linked to North Korean Hackers appeared first on SecurityWeek.

The funding round was led by KKR, with participation from Sixth Street Growth, TenEleven, and Carrick Capital Partners.

The post Identity Security Firm Saviynt Raises $700 Million at $3 Billion Valuation  appeared first on SecurityWeek.

The US seeks information on the leader of Emennet Pasargad, Mohammad Bagher Shirinkar, and long-time employee Fatemeh Sedighian Kashi.

The post US Posts $10 Million Bounty for Iranian Hackers appeared first on SecurityWeek.