The vulnerability is tracked as CVE-2026-21509 and it can be exploited to bypass security features.
The post Microsoft Patches Office Zero-Day Likely Exploited in Targeted Attacks appeared first on SecurityWeek.
Category Added in a WPeMatico Campaign
Access System Flaws Enabled Hackers to Unlock Doors at Major European Firms
More than 20 vulnerabilities were found and patched in Dormakaba physical access control systems.
The post Access System Flaws Enabled Hackers to Unlock Doors at Major European Firms appeared first on SecurityWeek.
Upwind Raises $250 Million at $1.5 Billion Valuation
The CNAPP company will use the fresh investment to scale its runtime-first cloud security offering across data, AI and code.
The post Upwind Raises $250 Million at $1.5 Billion Valuation appeared first on SecurityWeek.
Crunchbase Confirms Data Breach After Hacking Claims
Crunchbase was targeted alongside SoundCloud and Betterment in a ShinyHunters campaign.
The post Crunchbase Confirms Data Breach After Hacking Claims appeared first on SecurityWeek.
Cyber Insights 2026: Threat Hunting in an Age of Automation and AI
Understanding how threat hunting differs from reactive security provides a deeper understanding of the role, while hinting at how it will evolve in the future.
The post Cyber Insights 2026: Threat Hunting in an Age of Automation and AI appeared first on SecurityWeek.
‘Stanley’ Malware Toolkit Enables Phishing via Website Spoofing
Priced $2,000 – $6,000 on a cybercrime forum, the MaaS toolkit promises publication on the Chrome Web Store.
The post ‘Stanley’ Malware Toolkit Enables Phishing via Website Spoofing appeared first on SecurityWeek.
TikTok Finalizes a Deal to Form a New American Entity
TikTok has finalized a deal to create a new American entity, avoiding the looming threat of a ban in the United States.
The post TikTok Finalizes a Deal to Form a New American Entity appeared first on SecurityWeek.
Russian Sandworm Hackers Blamed for Cyberattack on Polish Power Grid
10 years after disrupting the Ukrainian power grid, the APT targeted Poland with data-wiping malware.
The post Russian Sandworm Hackers Blamed for Cyberattack on Polish Power Grid appeared first on SecurityWeek.
2024 VMware Flaw Now in Attackers’ Crosshairs
The critical-severity vulnerability can be exploited via crafted network packets for remote code execution.
The post 2024 VMware Flaw Now in Attackers’ Crosshairs appeared first on SecurityWeek.
Nike Probing Potential Security Incident as Hackers Threaten to Leak Data
The WorldLeaks cybercrime group claims to have stolen information from the footwear and apparel giant’s systems.
The post Nike Probing Potential Security Incident as Hackers Threaten to Leak Data appeared first on SecurityWeek.