Starting September 2026, new Chrome iterations will be released twice as fast, part of a two-week cycle.
The post Google Plans Two-Week Release Schedule for Chrome appeared first on SecurityWeek.
New RFP Template for AI Usage Control and AI Governance
As AI becomes the central engine for enterprise productivity, security leaders are finally getting the green light — and the budget — to secure it. But there’s a quiet crisis unfolding in the boardroom: many organizations know they need “AI Governance,” but they have no idea what they are actually looking for.
The CISO’s Dilemma: You Have the AI Budget, but Do You Have the Requirements?
As AI
The CISO’s Dilemma: You Have the AI Budget, but Do You Have the Requirements?
As AI
Global Coalition Publishes 6G Security and Resilience Principles
The principles cover security, resilience against attacks and disasters, AI, and openness and interoperability.
The post Global Coalition Publishes 6G Security and Resilience Principles appeared first on SecurityWeek.
Fake Laravel Packages on Packagist Deploy RAT on Windows, macOS, and Linux
Cybersecurity researchers have flagged malicious Packagist PHP packages masquerading as Laravel utilities that act as a conduit for a cross-platform remote access trojan (RAT) that’s functional on Windows, macOS, and Linux systems.
The names of the packages are listed below –
The names of the packages are listed below –
nhattuanbl/lara-helper (37 Downloads)
nhattuanbl/simple-queue (29 Downloads)
nhattuanbl/lara-swagger (49 Downloads)
Critical FreeScout Vulnerability Leads to Full Server Compromise
A patch bypass for an authenticated code execution bug, the flaw leads to zero-click remote code execution attacks.
The post Critical FreeScout Vulnerability Leads to Full Server Compromise appeared first on SecurityWeek.
APT41-Linked Silver Dragon Targets Governments Using Cobalt Strike and Google Drive C2
Cybersecurity researchers have disclosed details of an advanced persistent threat (APT) group dubbed Silver Dragon that has been linked to cyber attacks targeting entities in Europe and Southeast Asia since at least mid-2024.
“Silver Dragon gains its initial access by exploiting public-facing internet servers and by delivering phishing emails that contain malicious attachments,” Check Point said
“Silver Dragon gains its initial access by exploiting public-facing internet servers and by delivering phishing emails that contain malicious attachments,” Check Point said
VMware Aria Operations Vulnerability Exploited in the Wild
The recently patched CVE-2026-22719 can be exploited by an unauthenticated attacker for remote code execution.
The post VMware Aria Operations Vulnerability Exploited in the Wild appeared first on SecurityWeek.
CISA Adds Actively Exploited VMware Aria Operations Flaw CVE-2026-22719 to KEV Catalog
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Tuesday added a recently disclosed security flaw impacting Broadcom VMware Aria Operations to its Known Exploited Vulnerabilities (KEV) catalog, citing active exploitation in the wild.
The high-severity vulnerability, CVE-2026-22719 (CVSS score: 8.1), has been described as a case of command injection that could allow an
The high-severity vulnerability, CVE-2026-22719 (CVSS score: 8.1), has been described as a case of command injection that could allow an
CISA flags VMware Aria Operations RCE flaw as exploited in attacks
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added a VMware Aria Operations vulnerability tracked as CVE-2026-22719 to its Known Exploited Vulnerabilities catalog, flagging the flaw as exploited in attacks. […]
Paint maker giant AkzoNobel confirms cyberattack on U.S. site
The multinational Dutch paint company AkzoNobel has confirmed to BleepingComputer that hackers breached the network of one of its U.S. sites. […]