Through the new program, OpenAI will reward reports covering design or implementation issues leading to material harm.
The post OpenAI Launches Bug Bounty Program for Abuse and Safety Risks appeared first on SecurityWeek.
European Commission investigating breach after Amazon cloud hack
The European Commission, the European Union’s main executive body, is investigating a security breach after a threat actor gained access to its Amazon cloud infrastructure. […]
AitM Phishing Targets TikTok Business Accounts Using Cloudflare Turnstile Evasion
Threat actors are using adversary-in-the-middle (AitM) phishing pages to seize control of TikTok for Business accounts in a new campaign, according to a report from Push Security.
Business accounts associated with social media platforms are a lucrative target, as they can be weaponized by bad actors for malvertising and distributing malware.
“TikTok has been historically abused to distribute
Business accounts associated with social media platforms are a lucrative target, as they can be weaponized by bad actors for malvertising and distributing malware.
“TikTok has been historically abused to distribute
TP-Link Patches High-Severity Router Vulnerabilities
The security defects could be used to bypass authentication, execute arbitrary commands, and decrypt configuration files.
The post TP-Link Patches High-Severity Router Vulnerabilities appeared first on SecurityWeek.
We Are At War
Rising geopolitical tensions are reflected (or in some cases preceded) by cyber operations, while technology itself has become politicized. Let’s admit it: we are in the middle of it.
Introduction: One tech power to rule them all is a thing of the past
The relative safety, peace and prosperity that much of the world has enjoyed since 1945 was not accidental. It emerged from the ashes
Introduction: One tech power to rule them all is a thing of the past
The relative safety, peace and prosperity that much of the world has enjoyed since 1945 was not accidental. It emerged from the ashes
RSAC 2026 Conference Announcements Summary (Days 3-4)
A summary of the announcements made by vendors on the third and fourth days of the RSAC 2026 Conference.
The post RSAC 2026 Conference Announcements Summary (Days 3-4) appeared first on SecurityWeek.
Anti-piracy coalition takes down AnimePlay app with 5 million users
The Alliance for Creativity and Entertainment (ACE) announced the shutdown of AnimePlay, a major anime streaming platform with over 5 million users. […]
Coruna iOS Exploit Kit Likely an Update to Operation Triangulation
Coruna contains the updated version of a kernel exploit used in Operation Triangulation three years ago.
The post Coruna iOS Exploit Kit Likely an Update to Operation Triangulation appeared first on SecurityWeek.
Bearlyfy Hits 70+ Russian Firms with Custom GenieLocker Ransomware
A pro-Ukrainian group called Bearlyfy has been attributed to more than 70 cyber attacks targeting Russian companies since it first surfaced in the threat landscape in January 2025, with recent attacks leveraging a custom Windows ransomware strain codenamed GenieLocker.
“Bearlyfy (also known as Labubu) operates as a dual-purpose group aimed at inflicting maximum damage upon Russian businesses;
“Bearlyfy (also known as Labubu) operates as a dual-purpose group aimed at inflicting maximum damage upon Russian businesses;
CISA Flags Critical PTC Vulnerability That Had German Police Mobilized
Police in Germany physically warned organizations about the critical PTC Windchill vulnerability tracked as CVE-2026-4681.
The post CISA Flags Critical PTC Vulnerability That Had German Police Mobilized appeared first on SecurityWeek.