A researcher has been given the highest reward in Google’s Chrome bug bounty program for a sandbox escape with remote code execution.
The post Chrome Sandbox Escape Earns Researcher $250,000 appeared first on SecurityWeek.
Managing the Trust-Risk Equation in AI: Predicting Hallucinations Before They Strike
New physics-based research suggests large language models could predict when their own answers are about to go wrong — a potential game changer for trust, risk, and security in AI-driven systems.
The post Managing the Trust-Risk Equation in AI: Predicting Hallucinations Before They Strike appeared first on SecurityWeek.
‘Chairmen’ of $100 million scam operation extradited to US
The U.S. Department of Justice charged four Ghanaian nationals for their roles in a massive fraud ring linked to the theft of over $100 million in romance scams and business email compromise attacks. […]
Connex Credit Union Data Breach Impacts 172,000 People
Hackers targeted Connex, one of the largest credit unions in Connecticut, and likely stole files containing personal information.
The post Connex Credit Union Data Breach Impacts 172,000 People appeared first on SecurityWeek.
⚡ Weekly Recap: BadCam Attack, WinRAR 0-Day, EDR Killer, NVIDIA Flaws, Ransomware Attacks & More
This week, cyber attackers are moving quickly, and businesses need to stay alert. They’re finding new weaknesses in popular software and coming up with clever ways to get around security. Even one unpatched flaw could let attackers in, leading to data theft or even taking control of your systems. The clock is ticking—if defenses aren’t updated regularly, it could lead to serious damage. The
Flaws in Major Automaker’s Dealership Systems Allowed Car Hacking, Personal Data Theft
A researcher has demonstrated how a platform used by over 1,000 dealerships in the US could have been used to hack cars.
The post Flaws in Major Automaker’s Dealership Systems Allowed Car Hacking, Personal Data Theft appeared first on SecurityWeek.
6 Lessons Learned: Focusing Security Where Business Value Lives
The Evolution of Exposure Management
Most security teams have a good sense of what’s critical in their environment. What’s harder to pin down is what’s business-critical. These are the assets that support the processes the business can’t function without. They’re not always the loudest or most exposed. They’re the ones tied to revenue, operations, and delivery. If one goes down, it’s more than a
Most security teams have a good sense of what’s critical in their environment. What’s harder to pin down is what’s business-critical. These are the assets that support the processes the business can’t function without. They’re not always the loudest or most exposed. They’re the ones tied to revenue, operations, and delivery. If one goes down, it’s more than a
Russian Hackers Exploited WinRAR Zero-Day in Attacks on Europe, Canada
WinRAR has patched CVE-2025-8088, a zero-day exploited by Russia’s RomCom in attacks on financial, defense, manufacturing and logistics companies.
The post Russian Hackers Exploited WinRAR Zero-Day in Attacks on Europe, Canada appeared first on SecurityWeek.
Over 29,000 Exchange servers unpatched against high-severity flaw
Over 29,000 Exchange servers exposed online remain unpatched against a high-severity vulnerability that can let attackers move laterally in Microsoft cloud environments, potentially leading to complete domain compromise. […]
Connex Credit Union data breach impacts 172,000 members
Connex, one of Connecticut’s largest credit unions, warned tens of thousands of members that unknown attackers had stolen their personal and financial information after breaching its systems in early June. […]