Security researchers have hacked the Tesla Infotainment System and earned $516,500 after exploiting 37 zero-days on the first day of the Pwn2Own Automotive 2026 competition. […]
MITRE Launches New Security Framework for Embedded Systems
The Embedded Systems Threat Matrix (ESTM) aims to help organizations protect critical embedded systems.
The post MITRE Launches New Security Framework for Embedded Systems appeared first on SecurityWeek.
Cyber Insights 2026: API Security – Harder to Secure, Impossible to Ignore
API cybersecurity will be a ping pong ball, battered between the rackets of AI-assisted attackers and AI-assisted defenders.
The post Cyber Insights 2026: API Security – Harder to Secure, Impossible to Ignore appeared first on SecurityWeek.
Webinar: How Smart MSSPs Using AI to Boost Margins with Half the Staff
Every managed security provider is chasing the same problem in 2026 — too many alerts, too few analysts, and clients demanding “CISO-level protection” at SMB budgets.
The truth? Most MSSPs are running harder, not smarter. And it’s breaking their margins. That’s where the quiet revolution is happening: AI isn’t just writing reports or surfacing risks — it’s rebuilding how security services are
The truth? Most MSSPs are running harder, not smarter. And it’s breaking their margins. That’s where the quiet revolution is happening: AI isn’t just writing reports or surfacing risks — it’s rebuilding how security services are
Anthropic MCP Server Flaws Lead to Code Execution, Data Exposure
Impacting Anthropic’s official MCP server, the vulnerabilities can be exploited through prompt injections.
The post Anthropic MCP Server Flaws Lead to Code Execution, Data Exposure appeared first on SecurityWeek.
Oracle’s First 2026 CPU Delivers 337 New Security Patches
Oracle’s January 2026 CPU resolves roughly 230 unique vulnerabilities across more than 30 products.
The post Oracle’s First 2026 CPU Delivers 337 New Security Patches appeared first on SecurityWeek.
Exposure Assessment Platforms Signal a Shift in Focus
Gartner® doesn’t create new categories lightly. Generally speaking, a new acronym only emerges when the industry’s collective “to-do list” has become mathematically impossible to complete. And so it seems that the introduction of the Exposure Assessment Platforms (EAP) category is a formal admission that traditional Vulnerability Management (VM) is no longer a viable way to secure a modern
Analysis of 6 Billion Passwords Shows Stagnant User Behavior
The most common stolen passwords in 2025 were 123456, admin, and password, according to a Specops study.
The post Analysis of 6 Billion Passwords Shows Stagnant User Behavior appeared first on SecurityWeek.
Chainlit AI Framework Flaws Enable Data Theft via File Read and SSRF Bugs
Security vulnerabilities were uncovered in the popular open-source artificial intelligence (AI) framework Chainlit that could allow attackers to steal sensitive data, which may allow for lateral movement within a susceptible organization.
Zafran Security said the high-severity flaws, collectively dubbed ChainLeak, could be abused to leak cloud environment API keys and steal sensitive files, or
Zafran Security said the high-severity flaws, collectively dubbed ChainLeak, could be abused to leak cloud environment API keys and steal sensitive files, or
VoidLink Linux Malware Framework Built with AI Assistance Reaches 88,000 Lines of Code
The recently discovered sophisticated Linux malware framework known as VoidLink is assessed to have been developed by a single person with assistance from an artificial intelligence (AI) model.
That’s according to new findings from Check Point Research, which identified operational security blunders by malware’s author that provided clues to its developmental origins. The latest insight makes
That’s according to new findings from Check Point Research, which identified operational security blunders by malware’s author that provided clues to its developmental origins. The latest insight makes