Microsoft has reminded customers today that Windows 10 has reached the end of support and will no longer receive patches for newly discovered security vulnerabilities. […]
Cybereason Acquired by MSSP Giant LevelBlue
This is LevelBlue’s third acquisition this year, after Trustwave and Aon’s Cybersecurity & IP Litigation Consulting groups.
The post Cybereason Acquired by MSSP Giant LevelBlue appeared first on SecurityWeek.
Security firms debate CVE credit in overlapping vulnerability reports
FuzzingLabs has accused the YCombinator-backed startup, Gecko Security, of replicating its vulnerability disclosures. Gecko allegedly filed for 2 CVEs based on FuzzingLabs’ reports without crediting them. Gecko denies any wrongdoing, calling the allegations a misunderstanding over disclosure process. […]
When AI Agents Join the Teams: The Hidden Security Shifts No One Expects
AI assistants are no longer just helping — they’re acting. Autonomous agents now open tickets, fix incidents, and make decisions faster than humans can monitor. As “Shadow AI” spreads, learn from Token Security why orgs must govern these agents like powerful new identities before oversight disappears. […]
SAP Patches Critical Vulnerabilities in NetWeaver, Print Service, SRM
SAP has rolled out additional protections for insecure deserialization bugs resolved in NetWeaver AS Java recently.
The post SAP Patches Critical Vulnerabilities in NetWeaver, Print Service, SRM appeared first on SecurityWeek.
Secure Boot bypass risk on nearly 200,000 Linux Framework sytems
Around 200,000 Linux computer systems from American computer maker Framework were shipped with signed UEFI shell components that could be exploited to bypass Secure Boot protections. […]
Fraud Prevention Firm Resistant AI Raises $25 Million
Resistant AI will use the funding to expand its fraud detection and transaction monitoring offerings to new markets.
The post Fraud Prevention Firm Resistant AI Raises $25 Million appeared first on SecurityWeek.
Harvard Is First Confirmed Victim of Oracle EBS Zero-Day Hack
Hackers have posted over 1 Tb of information allegedly stolen from Harvard on the Cl0p data leak website.
The post Harvard Is First Confirmed Victim of Oracle EBS Zero-Day Hack appeared first on SecurityWeek.
Chinese hackers abuse geo-mapping tool for year-long persistence
Chinese state hackers remained undetected in a target environment for more than a year by turning a component in the ArcGIS geo-mapping tool into a web shell. […]
Beyond the Black Box: Building Trust and Governance in the Age of AI
Balancing innovation with ethical governance is crucial for ensuring fairness, accountability, and public trust in the age of intelligent machines.
The post Beyond the Black Box: Building Trust and Governance in the Age of AI appeared first on SecurityWeek.