SonicWall has warned customers to disable SSLVPN services due to ransomware gangs potentially exploiting an unknown security vulnerability in SonicWall Gen 7 firewalls to breach networks over the past few weeks. […]
Misconfigurations Are Not Vulnerabilities: The Costly Confusion Behind Security Risks
In SaaS security conversations, “misconfiguration” and “vulnerability” are often used interchangeably. But they’re not the same thing. And misunderstanding that distinction can quietly create real exposure.
This confusion isn’t just semantics. It reflects a deeper misunderstanding of the shared responsibility model, particularly in SaaS environments where the line between vendor and customer
This confusion isn’t just semantics. It reflects a deeper misunderstanding of the shared responsibility model, particularly in SaaS environments where the line between vendor and customer
Approov Raises $6.7 Million for Mobile App Security
Approov has raised $6.7 million in Series A funding to advance its mobile application and API security solutions.
The post Approov Raises $6.7 Million for Mobile App Security appeared first on SecurityWeek.
Android gets patches for Qualcomm flaws exploited in attacks
Google has released security patches for six vulnerabilities in Android’s August 2025 security update, including two Qualcomm flaws exploited in targeted attacks. […]
How Top CISOs Save Their SOCs from Alert Chaos to Never Miss Real Incidents
Why do SOC teams still drown in alerts even after spending big on security tools? False positives pile up, stealthy threats slip through, and critical incidents get buried in the noise. Top CISOs have realized the solution isn’t adding more and more tools to SOC workflows but giving analysts the speed and visibility they need to catch real attacks before they cause damage.
Here’s how
Here’s how
Android’s August 2025 Update Patches Exploited Qualcomm Vulnerability
Android’s light August 2025 security update resolves an Adreno GPU vulnerability confirmed as exploited in June.
The post Android’s August 2025 Update Patches Exploited Qualcomm Vulnerability appeared first on SecurityWeek.
Microsoft increases Zero Day Quest prize pool to $5 million
Microsoft will offer up to $5 million in bounty awards at this year’s Zero Day Quest hacking contest, which the company describes as the “largest hacking event in history.” […]
Microsoft Offers $5 Million at Zero Day Quest Hacking Contest
Research demonstrating high-impact cloud and AI security flaws will be rewarded at Microsoft’s Zero Day Quest competition in spring 2026.
The post Microsoft Offers $5 Million at Zero Day Quest Hacking Contest appeared first on SecurityWeek.
SonicWall Hunts for Zero-Day Amid Surge in Firewall Exploitation
Threat actors might be exploiting a zero-day vulnerability in SonicWall firewalls in a fresh wave of ransomware attacks.
The post SonicWall Hunts for Zero-Day Amid Surge in Firewall Exploitation appeared first on SecurityWeek.
15,000 Fake TikTok Shop Domains Deliver Malware, Steal Crypto via AI-Driven Scam Campaign
Cybersecurity researchers have lifted the veil on a widespread malicious campaign that’s targeting TikTok Shop users globally with an aim to steal credentials and distribute trojanized apps.
“Threat actors are exploiting the official in-app e-commerce platform through a dual attack strategy that combines phishing and malware to target users,” CTM360 said. “The core tactic involves a deceptive
“Threat actors are exploiting the official in-app e-commerce platform through a dual attack strategy that combines phishing and malware to target users,” CTM360 said. “The core tactic involves a deceptive