Israeli cybersecurity company Check Point has released security updates to patch a critical flaw affecting Remote Access VPN and Mobile Access deployments, which was exploited in zero-day attacks. […]
AI Phishing Is Crushing SOCs with Alert Volume: How to Reduce Tier 1 Overload
Phishing has always been a numbers game. AI has turned it into a volume machine.
Attackers can now create convincing emails, fake login pages, and tailored lures in minutes. Every polished message adds another case for Tier 1 to review, another link to inspect, and another alert that cannot be dismissed at a glance.
As the queue grows, a credential theft attempt or malware delivery can easily
Cybersecurity M&A Roundup: 26 Deals Announced in May 2026
Significant cybersecurity M&A deals announced by Akamai, Check Point, Cisco, Cyera, Dragos, WatchGuard and Zscaler.
The post Cybersecurity M&A Roundup: 26 Deals Announced in May 2026 appeared first on SecurityWeek.
Everest Forms Vulnerability Exploited to Hack WordPress Sites
The flaw allows attackers to execute arbitrary code remotely and has been exploited in the wild for two months.
The post Everest Forms Vulnerability Exploited to Hack WordPress Sites appeared first on SecurityWeek.
The Hardest Fork
Mythos is real. I know a big chunk of the industry thinks it’s a marketing stunt, and I get why. I get it. But I’ve seen the findings, and they’re bad. These aren’t “whoops, this line right here is wrong, and that’s RCE.” They’re novel combinations of a few dozen issues out of thousands of things every SAST scanner already finds, chained together into something much worse. It’s real creativity,
174,000 Impacted by Lansing Community College Data Breach
Hackers accessed personal information stored on certain Lansing Community College systems in February 2025.
The post 174,000 Impacted by Lansing Community College Data Breach appeared first on SecurityWeek.
Oxford University discloses data breach after careers platform hack
The University of Oxford disclosed a new data breach last week after being informed by its third-party provider, Group GTI, that its CareerConnect career services platform had been compromised. […]
Silent Ransom Group Uses DNS Fast Flux in Attacks
Focusing on hacking law firms in the US, the ransomware group relies on fast flux to hide its C&C infrastructure.
The post Silent Ransom Group Uses DNS Fast Flux in Attacks appeared first on SecurityWeek.
VerdantBamboo Deploys BSD Variant of BRICKSTORM on Linux Appliances
A China-nexus cyber espionage group has been observed deploying a BSD variant of a known backdoor called BRICKSTORM, as well as two other malware families codenamed PLENET (aka GRIMBOLT) and AGENTPSD to target Linux systems.
The activity has been attributed by Volexity to a threat cluster it tracks as VerdantBamboo, which it said overlaps with hacking groups known as Clay Typhoon (Microsoft),
OpenAI Rolling Out ChatGPT Account Security Controls
The Active Sessions and Lockdown Mode features are being made more broadly available by the AI giant.
The post OpenAI Rolling Out ChatGPT Account Security Controls appeared first on SecurityWeek.