Allianz Life has completed the investigation into the cyberattack it suffered in July and determined that nearly 1.5 million individuals are impacted. […]
How To Simplify CISA’s Zero Trust Roadmap with Modern Microsegmentation
CISA says microsegmentation isn’t optional—it’s foundational to Zero Trust. But legacy methods make it slow & complex. Learn from Zero Networks how modern, automated, agentless approaches make containment practical for every org. […]
Microsoft: Media Creation Tool broken on Windows 11 Arm64 PCs
After rolling out Windows 11 25H2, also known as Windows 11 2025 Update, Microsoft has confirmed that the Media Creation Tool has stopped working on devices with Arm64 CPUs. […]
OpenSSL Vulnerabilities Allow Private Key Recovery, Code Execution, DoS Attacks
Three vulnerabilities have been patched with the release of OpenSSL updates.
The post OpenSSL Vulnerabilities Allow Private Key Recovery, Code Execution, DoS Attacks appeared first on SecurityWeek.
OneLogin Bug Let Attackers Use API Keys to Steal OIDC Secrets and Impersonate Apps
A high-severity security flaw has been disclosed in the One Identity OneLogin Identity and Access Management (IAM) solution that, if successfully exploited, could expose sensitive OpenID Connect (OIDC) application client secrets under certain circumstances.
The vulnerability, tracked as CVE-2025-59363, has been assigned a CVSS score of 7.7 out of 10.0. It has been described as a case of
The vulnerability, tracked as CVE-2025-59363, has been assigned a CVSS score of 7.7 out of 10.0. It has been described as a case of
How Leading Security Teams Blend AI + Human Workflows (Free Webinar)
AI is changing automation—but not always for the better. That’s why we’re hosting a new webinar, “Workflow Clarity: Where AI Fits in Modern Automation,” with Thomas Kinsella, Co-founder & Chief Customer Officer at Tines, to explore how leading teams are cutting through the hype and building workflows that actually deliver.The rise of AI has changed how organizations think about automation.
Red Hat OpenShift AI Flaw Exposes Hybrid Cloud Infrastructure to Full Takeover
A severe security flaw has been disclosed in the Red Hat OpenShift AI service that could allow attackers to escalate privileges and take control of the complete infrastructure under certain conditions.
OpenShift AI is a platform for managing the lifecycle of predictive and generative artificial intelligence (GenAI) models at scale and across hybrid cloud environments. It also facilitates data
OpenShift AI is a platform for managing the lifecycle of predictive and generative artificial intelligence (GenAI) models at scale and across hybrid cloud environments. It also facilitates data
Chinese APT ‘Phantom Taurus’ Targeting Organizations With Net-Star Malware
Focused on espionage, the threat actor shares infrastructure with Chinese APTs, but uses different TTPs in attacks.
The post Chinese APT ‘Phantom Taurus’ Targeting Organizations With Net-Star Malware appeared first on SecurityWeek.
Canadian Airline WestJet Says Hackers Stole Customer Data
The company says names, contact details, and ID documents provided in connection with reservations and travel were stolen from its systems.
The post Canadian Airline WestJet Says Hackers Stole Customer Data appeared first on SecurityWeek.
NIST Publishes Guide for Protecting ICS Against USB-Borne Threats
NIST Special Publication 1334 focuses on reducing cybersecurity risks associated with the use of removable media devices in OT environments.
The post NIST Publishes Guide for Protecting ICS Against USB-Borne Threats appeared first on SecurityWeek.