A threat actor tracked as Storm-2561 is distributing fakeĀ enterprise VPN clients from Ivanti, Cisco, and Fortinet to steal VPN credentials from unsuspecting users. […]
Iran-Linked Hackers Take Aim at US and Other Targets, Raising Risk of Cyberattacks During War
Pro-Iranian hackers are targeting sites in the Middle East and starting to stretch into the United States during the war, raising the risk of American defense contractors, power stations and water plants.
The post Iran-Linked Hackers Take Aim at US and Other Targets, Raising Risk of Cyberattacks During War appeared first on SecurityWeek.
Bold Security Emerges From Stealth With $40 Million in Funding
The startup relies on AI to turn devices into active agents that understand usersā actions and provide protection in real time.
The post Bold Security Emerges From Stealth With $40 Million in Funding appeared first on SecurityWeek.
Google Paid Out $17 Million in Bug Bounty Rewards in 2025
Google paid over $3.7 million for Chrome vulnerabilities, and more than $3.5 million for cloud security defects.
The post Google Paid Out $17 Million in Bug Bounty Rewards in 2025 appeared first on SecurityWeek.
Iran-Linked Hacker Attack on Stryker Disrupted Manufacturing and Shipping
Evidence indicates that the attackers leveraged existing endpoint management software rather than malware to wipe devices.
The post Iran-Linked Hacker Attack on Stryker Disrupted Manufacturing and Shipping appeared first on SecurityWeek.
Onyx Security Launches With $40 Million in Funding
The startup is building a control pane to help organizations oversee autonomous AI agents and rapidly adopt them.
The post Onyx Security Launches With $40 Million in Funding appeared first on SecurityWeek.
Google Fixes Two Chrome Zero-Days Exploited in the Wild Affecting Skia and V8
Google on Thursday released security updates for its Chrome web browser to address two high-severity vulnerabilities that it said have been exploited in the wild.
The list of vulnerabilities is as follows –
The list of vulnerabilities is as follows –
CVE-2026-3909 (CVSS score: 8.8) – An out-of-bounds write vulnerability in the Skia 2D graphics library that allows a remote attacker to perform out-of-bounds memory access via a crafted HTML
Authorities Disrupt SocksEscort Proxy Service Powered by AVrecon Botnet
Law enforcement agencies in the US and Europe targeted the cybercrime service that has impacted 360,000 devices since 2020.
The post Authorities Disrupt SocksEscort Proxy Service Powered by AVrecon Botnet appeared first on SecurityWeek.
Nine CrackArmor Flaws in Linux AppArmor Enable Root Escalation, Bypass Container Isolation
Cybersecurity researchers have disclosed multiple security vulnerabilities within the Linux kernel’s AppArmor module that could be exploited by unprivileged users to circumvent kernel protections, escalate to root, and undermine container isolation guarantees.
The nine confused deputy vulnerabilities have been collectively codenamed CrackArmor by the Qualys Threat Research Unit (TRU). The
The nine confused deputy vulnerabilities have been collectively codenamed CrackArmor by the Qualys Threat Research Unit (TRU). The
Starbucks discloses data breach affecting hundreds of employees
Starbucks has disclosed a data breach affecting hundreds of employees after threat actors gained access to their Starbucks Partner Central accounts. […]