A Glendale man was sentenced to nearly five years in federal prison for his role in a darknet drug trafficking operation that sold cocaine, methamphetamine, MDMA, and ketamine to customers across the United States. […]
Dell RecoverPoint for VMs Zero-Day CVE-2026-22769 Exploited Since Mid-2024
A maximum severity security vulnerability in Dell RecoverPoint for Virtual Machines has been exploited as a zero-day by a suspected China-nexus threat cluster dubbed UNC6201 since mid-2024, according to a new report from Google Mandiant and Google Threat Intelligence Group (GTIG).
The activity involves the exploitation of CVE-2026-22769 (CVSS score: 10.0), a case of hard-coded credentials
The activity involves the exploitation of CVE-2026-22769 (CVSS score: 10.0), a case of hard-coded credentials
3 Ways to Start Your Intelligent Workflow Program
Security, IT, and engineering teams today are under relentless pressure to accelerate outcomes, cut operational drag, and unlock the full potential of AI and automation. But simply investing in tools isn’t enough. 88% of AI proofs-of-concept never make it to production, even though 70% of workers cite freeing time for high-value work as the primary AI automation motivation. Real impact comes
CISA: Hackers Exploiting Vulnerability in Product of Taiwan Security Firm TeamT5
The vulnerability added to CISA’s KEV catalog affects ThreatSonar Anti-Ransomware and it was patched in 2024.
The post CISA: Hackers Exploiting Vulnerability in Product of Taiwan Security Firm TeamT5 appeared first on SecurityWeek.
Palo Alto Networks to Acquire Koi in Reported $400 Million Transaction
Koi has developed an endpoint security solution that Palo Alto will use to enhance its products.
The post Palo Alto Networks to Acquire Koi in Reported $400 Million Transaction appeared first on SecurityWeek.
Notepad++ Fixes Hijacked Update Mechanism Used to Deliver Targeted Malware
Notepad++ has released a security fix to plug gaps that were exploited by an advanced threat actor from China to hijack the software update mechanism to selectively deliver malware to targets of interest.
The version 8.9.2 update incorporates what maintainer Don Ho calls a “double lock” design that aims to make the update process “robust and effectively unexploitable.” This includes verification
The version 8.9.2 update incorporates what maintainer Don Ho calls a “double lock” design that aims to make the update process “robust and effectively unexploitable.” This includes verification
Dell RecoverPoint Zero-Day Exploited by Chinese Cyberespionage Group
GTIG and Mandiant said the zero-day tracked as CVE-2026-22769 has been exploited by UNC6201 since at least 2024.
The post Dell RecoverPoint Zero-Day Exploited by Chinese Cyberespionage Group appeared first on SecurityWeek.
CISA Flags Four Security Flaws Under Active Exploitation in Latest KEV Update
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Tuesday added four security flaws to its Known Exploited Vulnerabilities (KEV) catalog, citing evidence of active exploitation in the wild.
The list of vulnerabilities is as follows –
The list of vulnerabilities is as follows –
CVE-2026-2441 (CVSS score: 8.8) – A use-after-free vulnerability in Google Chrome that could allow a remote attacker to potentially exploit heap
Spain orders NordVPN, ProtonVPN to block LaLiga piracy sites
A Spanish court has granted precautionary measures against NordVPN and ProtonVPN, ordering the two popular VPN providers to block 16 websites that facilitate piracy of football matches. […]
Spain orders NordVPN and ProtonVPN to block LaLiga stream piracy
A Spanish court has granted precautionary measures against NordVPN and ProtonVPN, ordering the two popular VPN providers to block 16 websites that facilitate piracy of football matches. […]