The critical-severity vulnerability can be exploited via crafted network packets for remote code execution.

The post 2024 VMware Flaw Now in Attackers’ Crosshairs appeared first on SecurityWeek.

The WorldLeaks cybercrime group claims to have stolen information from the footwear and apparel giant’s systems.

The post Nike Probing Potential Security Incident as Hackers Threaten to Leak Data appeared first on SecurityWeek.

Similar to recent FortiCloud single sign-on (SSO) login vulnerabilities, the attacks bypass authentication.

The post Fortinet Confirms FortiCloud SSO Exploitation Against Patched Devices appeared first on SecurityWeek.

Other noteworthy stories that might have slipped under the radar: Cloudflare WAF bypass, Canonical Snap Store abused for malware delivery, Curl terminating bug bounty program

The post In Other News: €1.2B GDPR Fines, Net-NTLMv1 Rainbow Tables, Rockwell Security Notice appeared first on SecurityWeek.

Threat actors are leveraging the file-sharing service for payload delivery in AitM phishing and BEC attacks.

The post Phishers Abuse SharePoint in New Campaign Targeting Energy Sector appeared first on SecurityWeek.

Cyber regulations are where politics meets business – where business becomes subject to political realities.

The post Cyber Insights 2026: Regulations and the Tangled Mess of Compliance Requirements appeared first on SecurityWeek.

Under Armour is investigating a recent data breach that purloined customers’ email addresses and other personal information.

The post Under Armour Looking Into Data Breach Affecting Customers’ Email Addresses appeared first on SecurityWeek.

CISA has added the Zimbra flaw to the KEV catalog along with three other bugs exploited in the wild.

The post Organizations Warned of Exploited Zimbra Collaboration Vulnerability appeared first on SecurityWeek.

Pwn2Own participants disclosed a total of 76 vulnerabilities during the three-day event. 

The post Infotainment, EV Charger Exploits Earn Hackers $1M at Pwn2Own Automotive 2026 appeared first on SecurityWeek.

The exploitation of the authentication bypass vulnerability started two days after patches were released.

The post Fresh SmarterMail Flaw Exploited for Admin Access appeared first on SecurityWeek.

Dozens of Venezuelan nationals have been charged by the US for their role in ATM jackpotting attacks. 

The post 2 Venezuelans Convicted in US for Using Malware to Hack ATMs appeared first on SecurityWeek.

To all those who are fighting the good fight in the world of cyber, keep collaborating to ensure our world never succumbs to the chaos of the Upside Down.

The post The Upside Down is Real: What Stranger Things Teaches Us About Modern Cybersecurity appeared first on SecurityWeek.

A team of researchers from the Graz University of Technology in Austria has revived page Linux page cache attacks.

The post Old Attack, New Speed: Researchers Optimize Page Cache Exploits appeared first on SecurityWeek.

See how modern AI-driven detection can block sophisticated attacks that traditional tools miss

The post Webinar Today: Rethinking Email Security for Mid-Sized Organizations appeared first on SecurityWeek.

The startup’s AI-native platform unifies exposure analysis, threat intelligence, investigation, and response.

The post AiStrike Raises $7 Million in Seed Funding appeared first on SecurityWeek.

Hackers bypass the FortiCloud SSO login authentication to create new accounts and change device configurations.

The post New Wave of Attacks Targeting FortiGate Firewalls appeared first on SecurityWeek.

Claroty has raised a total of roughly $900 million and its valuation has reportedly reached $3 billion.

The post Claroty Raises $150 Million in Series F Funding appeared first on SecurityWeek.

The startup will use the new funding to accelerate product development and deepen remediation capabilities.

The post Furl Raises $10 Million for Autonomous Vulnerability Remediation appeared first on SecurityWeek.

Fixes were rolled out for over two dozen vulnerabilities, including critical- and high-severity bugs.

The post Atlassian, GitLab, Zoom Release Security Patches appeared first on SecurityWeek.

Cisco has released patches for CVE-2026-20045, a critical vulnerability that can be exploited for unauthenticated remote code execution.

The post Hackers Targeting Cisco Unified CM Zero-Day  appeared first on SecurityWeek.