The flaw tracked as CVE-2026-2329 can be exploited without authentication for remote code execution with root privileges.
The post Critical Grandstream Phone Vulnerability Exposes Calls to Interception appeared first on SecurityWeek.
Anthropic Launches Claude Code Security for AI-Powered Vulnerability Scanning
Artificial intelligence (AI) company Anthropic has begun to roll out a new security feature for Claude Code that can scan a user’s software codebase for vulnerabilities and suggest patches.
The capability, called Claude Code Security, is currently available in a limited research preview to Enterprise and Team customers.
“It scans codebases for security vulnerabilities and suggests targeted
The capability, called Claude Code Security, is currently available in a limited research preview to Enterprise and Team customers.
“It scans codebases for security vulnerabilities and suggests targeted
CISA Adds Two Actively Exploited Roundcube Flaws to KEV Catalog
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Friday added two security flaws impacting Roundcube webmail software to its Known Exploited Vulnerabilities (KEV) catalog, citing evidence of active exploitation.
The vulnerabilities in question are listed below –
The vulnerabilities in question are listed below –
CVE-2025-49113 (CVSS score: 9.9) – A deserialization of untrusted data vulnerability that allows remote code
Japanese tech giant Advantest hit by ransomware attack
Advantest Corporation disclosed that its corporate network has been targeted in a ransomware attack that may have affected customer or employee data. […]
CISA: BeyondTrust RCE flaw now exploited in ransomware attacks
Hackers are actively exploiting the CVE-2026-1731 vulnerability in the BeyondTrust Remote Support product, the U.S. Cybersecurity and Infrastructure Security Agency (CISA) warns. […]
Data breach at French bank registry impacts 1.2 million accounts
The French Ministry of Finance has published an announcement informing of a cybersecurity incident that has impacted 1.2 million accounts. […]
NIST’s Quantum Breakthrough: Single Photons Produced on a Chip
NIST’s single photon chip will likely make QKD an option for a wider range of companies.
The post NIST’s Quantum Breakthrough: Single Photons Produced on a Chip appeared first on SecurityWeek.
BeyondTrust Flaw Used for Web Shells, Backdoors, and Data Exfiltration
Threat actors have been observed exploiting a recently disclosed critical security flaw impacting BeyondTrust Remote Support (RS) and Privileged Remote Access (PRA) products to conduct a wide range of malicious actions, including deploying VShell and
The vulnerability, tracked as CVE-2026-1731 (CVSS score: 9.9), allows attackers to execute operating system commands in the context of the
The vulnerability, tracked as CVE-2026-1731 (CVSS score: 9.9), allows attackers to execute operating system commands in the context of the
In Other News: Ransomware Shuts US Clinics, ICS Vulnerability Surge, European Parliament Bans AI
Other noteworthy stories that might have slipped under the radar: Axonius lays off employees, Abu Dhabi conference data leak, HackerOne addresses AI concerns.
The post In Other News: Ransomware Shuts US Clinics, ICS Vulnerability Surge, European Parliament Bans AI appeared first on SecurityWeek.
Why the shift left dream has become a nightmare for security and developers
The “shift left” approach has increased pressure on developers, as speed demands override security checks in modern CI pipelines. Qualys explains how analyzing 34,000 public container images revealed 7.3% were malicious and why security must be enforced at the infrastructure layer by default. […]